Skip to main content
false
Blogs
Blogs
Blogs

Splunk Enterprise Security Blogs

Latest Articles

Security 2 Min Read

Introducing Synthetic Adversarial Log Objects (SALO)
Synthetic Adversarial Log Objects (SALO) is a framework for the generation of log events without the need for infrastructure or actions to initiate the event that causes a log event. Learn more about its purpose and how you can utilize it.
Industries 2 Min Read

Securing DoD Systems — A Look at SOAR
Congress again re-enforces the importance of interoperability and automated orchestration of cybersecurity systems.
Security 3 Min Read

Refined User Experience, New Executive Visibility, and Enhanced Cloud Monitoring with Splunk Enterprise Security 7.0
Check out the latest Security Analytics enhancements to Splunk Enterprise Security with our latest 7.0 release.
Security 9 Min Read

Detecting Malware Script Loaders using Remcos: Threat Research Release December 2021
Start detection against behaviors and TTPs from a Remcos loader that utilizes DynamicWrapperX (dynwrapx.dll) to execute shellcode and inject Remcos RAT into the target process.
Security 13 Min Read

Simulating, Detecting, and Responding to Log4Shell with Splunk
Splunk Threat Research Team simulated the Log4j vulnerabilities in the Splunk Attack Range. Using the data collected, we developed 13 new detections and 9 playbooks to help Splunk SOAR customers investigate and respond to this threat.
Security 9 Min Read

Log4Shell - Detecting Log4j Vulnerability (CVE-2021-44228) Continued
Good news, you can use Splunk to proactively hunt using Network Traffic and DNS query logs data sources to detect potential Log4Shell exploit. From Splunk SURGe, learn even more detections against CVE-2021-44228.
Security 7 Min Read

Listen To Those Pipes: Part 2
In this Hunting with Splunk episode (part 2 or 2), we focus on, you guessed it, pipes. Pipes are a form of inter-process communication (IPC), which can be used for abuse just like processes can.
Security 6 Min Read

Listen To Those Pipes: Part 1
In this Hunting with Splunk episode (part 1 or 2), we focus on, you guessed it, pipes. Pipes are a form of inter-process communication (IPC), which can be used for abuse just like processes can.
Partners 2 Min Read

Monitor Salesforce’s Real-Time Events with Splunk
The power of the new Splunk integration with Salesforce's Real-Time Event Monitoring (RTEM) enables customers to track security concerns such as failed logins, suspicious login-as activities and high risk permission modifications. Find out more in this blog.
CONTACT SPLUNK
CONTACT SPLUNK
USER REVIEWS
USER REVIEWS
SPLUNK MOBILE
Download Splunk Mobile on the apple app store
Download Splunk Mobile on the Google Play store
Legal
Patents
Privacy
Sitemap
Website Terms of Use

© 2005 - 2024 Splunk Inc. All rights reserved.