AsyncRAT Crusade: Detections and Defense
The Splunk Threat Research Team explores detections and defense against the Microsoft OneNote AsyncRAT malware campaign.
What's GRC? Governance, Risk & Compliance Explained
GRC. The acronym for the 3 areas that businesses can not afford to ignore. Learn all about governance, risk, and compliance — plus how to get started.
Data Denormalization: The Complete Guide
To normalize or not normalize your data. Decide here, as we explain why you’d denormalize data (faster query times!) but also the reasons to avoid it.
My Username Fields Have Passwords in Them! What Do I Do?
Sometimes, users put their password into a username field and it gets logged into Splunk – learn how to identify this behavior and remediate it with SOAR.
What is Federated Search?
Searching isn’t as easy as you think: did Google get your request? Are you pinging multiple databases? Is ChatGPT involved? Learn all about federated search here.
Breaking the Chain: Defending Against Certificate Services Abuse
Explore the common certificate abuses leveraged by current and relevant adversaries in the wild, the multiple methods they use to obtain certificates, how to gather relevant logs and ways to mitigate adversaries stealing certificates.
What Does "Zero Day" Mean?
Nothing described with “zero” sounds good. That’s absolutely the case here, when it comes to zero-day vulnerabilities, exploits and attacks.
What is SQL Injection?
Injecting anything is rarely a good thing. When injection hijacks your SQL and interferes with your primary web systems, you’re in real trouble. Find out here.
Machine Learning in Security: Detecting Suspicious Processes Using Recurrent Neural Networks
Splunk's Kumar Sharad explains how to detect suspicious processes using recurrent neural networks.
