Michael Haag's Blog Posts

Michael Haag

Michael Haag is Senior Threat Research at Splunk. Michael led the development of Atomic Red Team, an open-source testing platform that security teams can use to assess detection coverage. An avid researcher, he is passionate about understanding and evaluating the limits of defensive systems. His background includes security analysis, threat research, and incident handling.

Security 14 Min Read

Introducing ShellSweepPlus: Open-Source Web Shell Detection

Detect web shells easily with ShellSweepPlus, an open-source tool for detecting potential web shells. Learn how ShellSweepPlus works and how to use it here.

Security 10 Min Read

Deploy, Test, Monitor: Mastering Microsoft AppLocker, Part 2

Leverage the power of Splunk to ingest, visualize, and analyze AppLocker events, enabling you to gain valuable insights and strengthen your organization's security posture.

Security 11 Min Read

Deploy, Test, Monitor: Mastering Microsoft AppLocker, Part 1

The Splunk Threat Research Team provides a comprehensive overview of AppLocker and guidance for getting started with AppLocker policies

Security 6 Min Read

Security Insights: Detecting CVE-2024-4040 Exploitation in CrushFTP

The Splunk Threat Research Team explores how Splunk can help you identify and investigate CVE-2024-4040 exploitation in your CrushFTP environment.

Security 5 Min Read

Security Insights: Jenkins CVE-2024-23897 RCE

In response to CVE-2024-23897, the Splunk Threat Research Team has developed new security detections and hunting queries to support defenders.

Security 6 Min Read

Security Insights: Tracking Confluence CVE-2023-22527

In response to CVE-2023-22527, the Splunk Threat Research Team has developed new security detections to support defenders.