Log4Shell Vulnerability: Information and guidance for you.
SPLUNK THREAT RESEARCH

Expert security knowledge at your fingertips

Integrate threat research into your security operations center to streamline workflows and remediate threats faster.

Log4Shell Vulnerability

Information and guidance to determine if you’re affected.

Amplify Splunk's security capabilities with expert knowledge and research

Remediate threats faster

Bring the knowledge of our experts into your security operations

Realize faster time to value

Get value quickly with pre-packaged detections and responses

Focus on critical tasks

Spend less time writing or testing searches or detections

THE CHALLENGE

Stay ahead of emerging threats

The security landscape is ever-changing and security practitioners don’t have enough time to do it all due to:

  • Too many alerts
  • Staff shortages
  • No allocated time for threat hunting
  • No in-house threat research team

Let us help you establish a plan against new threats with tactical guidance.

OUR SOLUTION

Power your SOC with readily available security content

Use out-of-the-box use cases, detection searches and playbooks to help your team strengthen defenses against the latest threats.

How-to guides for remediating threats

Apply our research to streamline operations.

Analytic Stories
Analytic stories are security use cases supported by our threat research team’s pre-built detections and responses.

Deployments
Learn how to configure the schedule and alert actions for any available security content.

Better threat visibility with detection searches

Strengthen your security posture by leveraging custom detection searches to identify vulnerabilities and cyber attacks quickly.

Playbook automation for SOC efficiency

Start automating mundane, repetitive tasks so that your team can focus on mission-critical alerts.

30 minutes
Mean time to respond before automation

30 seconds
Mean time to respond after automation

Access threat research

There are multiple ways you can leverage our threat research to increase your cyber defenses today. Get it in a product user interface by downloading the Enterprise Security Content Updates app or the Splunk Security Essentials app. Or you may access the detections and use cases directly on the web through Splunk Docs or our API.

FOR SECURITY PRACTITIONERS

Tools that turn data into doing

Extend the power of Splunk with Apps, Add-Ons, resources and more.

Tools

Attack Range

Attack Range allows security practitioners to test detection searches against cyber attacks in a simulated production environment.

Attack Data

Use generated attack data with Attack Range to test detection searches in a simulated environment.

Enterprise Security Content Update (ESCU) App

Pre-packaged security content to guide teams on how to address ongoing time-sensitive threats, attack methods and other security issues.

Blogs

Detecting Malware Script Loaders using Remcos: Threat Research Release December 2021

Simulating, Detecting, and Responding to Log4Shell with Splunk

Active Directory Lateral Movement Detection: Threat Research Release, November 2021

Securing DevSecOps: Threat Research Release, October 2021

Detecting Remcos Tool Used by FIN7 with Splunk

Resources

Simulating, Detecting and Responding to Log4j Vulnerabilities

How Splunk gives actionable relief to torture testing Kubernetes across multicloud

Simulated Adversary Techniques Datasets for Splunk

Release Notes

Enterprise Security Content Updates

Need more help?

Join the user group Slack channel to chat directly with our security research team.

Get Started

Accelerate your cloud-driven security transformation today