Security Blogs

With the release of Splunk Phantom 4.10.1, we now allow you to configure the number of playbook runners using Python 2 and Python 3. Learn more right here.

Using Splunk for link analysis - part 2 covering visualizations of linked data.

The scale of cyber attacks and the complexity of networks exacerbate the situation. Operators face three significant challenges: an IT security ecosystem that is fragmented and in flux, users that are both human and machine, and multiple threats with varying levels of severity and sophistication.

Looking for ways to detect and protect against the SUDO Baron Samedit vulnerability (CVE-2021-3156)? Look no further. In this blog we tell you how to proactively detect vulnerable servers using Splunk and also to detect malicious folks who are attempting to exploit this vulnerability for nefarious outcomes!

TruSTAR’s Enclave technology is the most advanced cloud-based governance engine for enterprise cyber intelligence – read on to discover how it has evolved to meet the needs of integration, automation and intelligence sharing.

Part 1 of a multi-part series exploring ways to use Splunk for link analysis. This blog focuses on data reduction.

Discover how to add an additional layer of security in AWS with Splunk Phantom by scheduling a playbook to search for inactive users and activating another playbook to disable problem user accounts.

Using Microsoft O365 for your emails? Take a look at the new Microsoft O365 Email Add-on for Splunk to start getting in-depth security and non security data from your emails today.

Security orchestration, automation and response (SOAR) tools are here to stay, do you have the best-of-breed SOAR in your security stack?