Security Blogs

This blog post reviews AWS cloudtrail as a security logging source and how to hunt in it

Uncover the Inno Setup malware campaign leveraging Pascal scripting to deliver RedLine Stealer.

TLS and SSL certificates are a great way to hunt advanced adversaries. Collect them with Splunk Stream, Bro, or Suricata and hunt in your own data!

Discover how Splunk Enterprise Security and the SA-Investigator add-on empower analysts to streamline threat hunting and incident response. Learn how to pivot across assets, identities, and processes for deep-dive investigations and actionable insights. Happy hunting!

This article will look at native AWS network telemetry — VPCFlows. We’ll explore what it is, how you can ingest it, and what value it provides from a security perspective.

Explore XWorm's shape-shifting tactics, evolution, and persistence, and how Splunk helps detect this RAT.

Discover how Splunk Enterprise Security 8.0 revamps machine learning, spots hidden threats, simplifies anomaly detection, and turbocharges your SOC.

Splunk Attack Analyzer enhances threat analysis with built-in email/document translation and achieves SOC 2 compliance.

Splunk Attack Range v4.0 empowers security teams to build detections & emulate adversaries.