Skip to main content
false
shared header v2
Lucid Search Bar Implementation
Push Down Banner V1 Analytics Patch, remove after implementing V2 (S9 or S10)
Global nav V2 patch, remove after adding the mobile languages fix in the codebase (S7 or S8)
transitional logo header/footer patch

SURGe Blogs

Latest Articles

Security 5 Min Read

Add To Chrome? - Part 4: Threat Hunting in 3-Dimensions: M-ATH in the Chrome Web Store

SURGe experiments with a method to find masquerading using M-ATH with Splunk and the DSDL App.
Security 5 Min Read

Add to Chrome? - Part 3: Findings and Recommendations

SURGe explores findings and general recommendations on whether or not you should click 'Add to Chrome' the next time you find a fancy new extension.
Security 5 Min Read

Add to Chrome? - Part 2: How We Did Our Research

SURGe explores the analysis pipeline in more detail and digs into the two main phases of this research – how the team collected the data and how they analyzed it.
Security 4 Min Read

Add to Chrome? - Part 1: An Analysis of Chrome Browser Extension Security

An overview of SURGe research that analyzed the entire corpus of public browser extensions available on the Google Chrome Web Store.
Security 11 Min Read

Hypothesis-Driven Cryptominer Hunting with PEAK

A sample hypothesis-driven hunt, using SURGe's PEAK threat hunting framework, looking for unauthorized cryptominers.
Security 6 Min Read

Old School vs. New School

The Splunk SURGe team examines the claim that generative AI will empower threat actors to improve the scale and/or efficiency of their spear-phishing campaigns.
Security 5 Min Read

SOC Models: In-House, Out-Sourced, or Hybrid SOC?

Splunk's Kirsty Paine shares best practices from a roundtable held at Gartner Security & Risk Management Summit 2023.
Security 5 Min Read

Using eval to Calculate, Appraise, Classify, Estimate & Threat Hunt

This article discusses a foundational capability within Splunk — the eval command. Need to pick a couple commands for your desert island collection? eval should be one!
Security 4 Min Read

Using RegEx for Threat Hunting (It’s Not Gibberish, We Promise!)

Another excellent tool for your threat hunting: RegEx! SPL offers two commands for utilizing regular expressions in Splunk searches. See how to do it here.