Michael Haag

Michael Haag is Senior Threat Research at Splunk. Michael led the development of Atomic Red Team, an open-source testing platform that security teams can use to assess detection coverage. An avid researcher, he is passionate about understanding and evaluating the limits of defensive systems. His background includes security analysis, threat research, and incident handling.

Security 11 Min Read

Bypassing the Bypass: Detecting Okta Classic Application Sign-On Policy Evasion

The Splunk Threat Research Team dives into the Okta policy bypass vulnerability, offering detection insights and effective hunting strategies for security teams.

Security 10 Min Read

CosmicSting: A Critical XXE Vulnerability in Adobe Commerce and Magento (CVE-2024-34102)

The Splunk Research Team dissects the technical intricacies of the CosmicSting vulnerability, explores its potential impact on affected systems, and provides detection opportunities and mitigation strategies.

Security 14 Min Read

PowerShell Web Access: Your Network's Backdoor in Plain Sight

The Splunk Threat Research Teams dives deep into PowerShell Web Access (PSWA) exploring its functionality within the context of cyber threats.

Security 8 Min Read

The Final Shell: Introducing ShellSweepX

The Splunk Threat Research Team is excited to announce the final tool in the ShellSweep collection: ShellSweepX.

Security 14 Min Read

Introducing ShellSweepPlus: Open-Source Web Shell Detection

Detect web shells easily with ShellSweepPlus, an open-source tool for detecting potential web shells. Learn how ShellSweepPlus works and how to use it here.

Security 10 Min Read

Deploy, Test, Monitor: Mastering Microsoft AppLocker, Part 2

Leverage the power of Splunk to ingest, visualize, and analyze AppLocker events, enabling you to gain valuable insights and strengthen your organization's security posture.