Tag: Splunk Enterprise Security

It’s time to take that breach vacation and get the inside scoop at what Splunk has happening at Black Hat 2021.

Splunk Security Essentials (SSE) is now part of the Splunk security portfolio and fully supported with an active Splunk Cloud or Splunk Enterprise license. Start using SSE and apply prescriptive guidance and deploy pre-built security detections in your Splunk environment.

The Splunk Threat Research Team has assessed several samples of Trickbot, a popular crimeware carrier that allows malicious actors to deliver multiple types of payloads. Use our pre-built Splunk detections to detect Trickbots.

Check out detections from the Splunk Threat Research team to detect data exfiltration – also known as data extrusion, data exportation, and data theft – in your environment.

Learn about the latest and greatest features of Splunk Enterprise Security 6.6.

REvil attackers exploited Kaseya, a highly trusted management software. Here's how security leaders can take actionable steps to improve your business's defenses.

On July 2, 2021, REvil group used Kaseya to distribute malware to its on-premises customers. Splunk has pushed out guidance to help understand and detect REvil. Learn more about the REvil ransomeware group, their tactics, and how to detect them using Splunk.

We read the 'What We Urge You To Do To Protect Against The Threat of Ransomware' memo and Executive Order (EO14028) in-depth, and this blog is designed to provide you with the information and takeaways to start acting immediately.

Grace and the team at Frothly are back! Get in on the fun and join Boss of the SOC (BOTS!) at .conf21 virtual.