false
Splunk Blogs
Splunk Blogs
Splunk Blogs

Tag: Splunk Enterprise Security

Latest Articles

Security 5 Min Read

Stitching Notables Together with Event Sequencing
Event Sequencing can take multiple notable events that are created from correlation searches and present them to the analysts as a set of linked notable events and help prioritize response when these chain of events occur.
Security 3 Min Read

New: Machine Learning in Splunk Enterprise Security Content Update
Use machine learning techniques to identify outliers in security-related data with a new probability-density function algorithm in Splunk's Machine Learning Toolkit (MLTK)
Security 4 Min Read

Monitor for, Investigate, and Respond to Phishing Payloads with Splunk Enterprise Security Content Update
Detect, investigate, and defend signs of phishing payloads in your environment with Splunk Enterprise Security Content Update (ESCU)
Security 3 Min Read

Boss of the SOC (BOTS) Advanced APT Hunting Companion App: Now Available on Splunkbase
If you want to learn more about threat hunting with Splunk, this app in conjunction with the BOTSv2 data set is just the answer!
Security 4 Min Read

Threat Intel and Splunk Enterprise Security Part 2 - Adding Local Intel to Enterprise Security
Splunker John Stoner shares a walkthrough for how to add local threat intelligence into Splunk Enterprise Security
Security 5 Min Read

Modifying the Incident Review Page
How to modify the Incident Review page and add information to Notable Events in Splunk Enterprise Security
Security 4 Min Read

ATT&CK-ing the Adversary: Episode 3 – Operationalizing ATT&CK with Splunk
In the final episode in the MITRE ATT&CK trilogy, we focus on applying what we learned and operationalizing it with ATT&CK to assist our security operations
Security 5 Min Read

ATT&CK-ing the Adversary: Episode 2 - Hunting with ATT&CK in Splunk
Using MITRE ATT&CK to focus your threat hunting in Splunk
Security 2 Min Read

Boss of the SOC Scoring Server, Questions and Answers, and Dataset! Open-Sourced and Ready for Download
We have open-sourced the Boss of the SOC dataset (ver1.0) and BOT(S|N) scoring server. They can be used to run your own CTF, perform research, or train your internal users!
Legal
Privacy
Sitemap
Cookies / Do not sell or share my personal data
Website Terms of Use
Modern Slavery

© 2005 - 2025 Splunk LLC All rights reserved.