Security Blogs

Fraud rates for Unemployment Insurance Benefits (UIB) and Pandemic Unemployment Assistance (PUA) are out of control. Use these detections to start detecting unemployment fraud now.

The SolarWinds Orion compromise resulted in the first recorded use of Golden SAML in the wild. Learn how you can start detecting this in Splunk now.

Security automation is now easier than ever. Learn what's new with Splunk Phantom now.

Although Splunk was not directly affected by the SolarWinds cyberattacks, as a leader in security we want to help the industry by providing tools, guidance and support to those impacted. Splunk's CISO Yassir Abousselham shares relevant information for customers and examples of how Splunk has taken action to better protect its business.

Supernova exposes SolarWinds Orion to attack via an in-memory web shell. It needs to be patched and detections below can help identify adversary actions.

These monthly postings will feature the favorite security-centric presentations, white papers and customer case studies from various peeps in the Splunk (or not) security world that WE think everyone should read. If you would like to read other months, please take a peek at previous posts in the "Staff Picks" series!

The Sunburst Backdoor threat truly burst on the scene as a send off for 2020. The good news is that the Splunk Security team has produced detections you can run in Splunk Enterprise Security to help you protect your environment from this sophisticated threat.

In part 3 of our now 4-part series, we walk you through how we failed to use CircleCI to continually test detentions!

British Airways made the headlines when they were hacked, customer details stolen and were issued a Penalty Notice by the UK ICO. Matthias Maier took a closer look at the document and recapitulated the key takeaways any IT security person can learn from.