Tag: Splunk Enterprise Security

Latest Articles

SURGe: Blue Collar for the Blue Team
.conf & .conf Go
3 Minute Read

Splunk has a new security research team focused on in-depth analysis of the latest cybersecurity news to help the public navigate security incidents with confidence using Splunk.
Speeding Detection, Investigation, and Response with Splunk for Security
.conf & .conf Go
4 Minute Read

We're unveiling several features and announcements focused on improving your ability to battle security threats and transform securely with Splunk for security.
Splunk and Mandiant: Formidable Defense Against Attackers
Partners
2 Minute Read

Splunk and Mandiant have partnered to deliver a formidable defense allowing customers to tap into Mandiant’s threat intelligence and expertise and Splunk’s powerful analytics to stay ahead of attackers and threats.
No Regrets Using Autoregress
Security
2 Minute Read

The autoregression command, which is a centralized streaming command, is used to calculate a moving average. Learn how to use this command to gather information, just in time for Boss of the SOC v6!
Active Directory Discovery Detection: Threat Research Release, September 2021
Security
15 Minute Read

In this blog post, we’ll walk you through this analytic story, demonstrate how we can simulate these attacks using PoshC2 & PurpleSharp to then collect and analyze the resulting telemetry to test our detections.
Splunk and DTEX Systems Leverage Human Telemetry and Zero Trust to Mitigate Insider Risks and Account Compromise
Security
3 Minute Read

Splunk and DTEX Systems have partnered to offer an integrated solution that captures, analyzes and streams a single, noise-free endpoint data signal.
PowerShell Detections — Threat Research Release, August 2021
Security
4 Minute Read

Adversaries are using PowerShell attacks, but luckily the Splunk Threat Research Team (STRT) has developed PowerShell analytics for Splunk by using the Splunk Attack Range to collect the generated logs, and hunt for suspicious PowerShell.
Splunk Welcomes the Formation of the Joint Cyber Defense Collaborative
Industries
3 Minute Read

Splunk welcomes the rollout of the Joint Cyber Defense Collaborative (JCDC) as a significant step forward in leveraging collaborative data and defense to battle cyber attacks from criminal organizations and nation states.
What Do Organizations Value Most in a SIEM/Security Analytics Provider? In a Word: Actionability
Security
2 Minute Read

According to 451 Research’s Voice of the Enterprise survey data, 64% say integration and correlation of threat intelligence is very important when selecting a SIEM vendor. Learn where Splunk Enterprise Security can give you actionable insights.