Michael Haag

Michael Haag is Senior Threat Research at Splunk. Michael led the development of Atomic Red Team, an open-source testing platform that security teams can use to assess detection coverage. An avid researcher, he is passionate about understanding and evaluating the limits of defensive systems. His background includes security analysis, threat research, and incident handling.

Security 11 Min Read

Deploy, Test, Monitor: Mastering Microsoft AppLocker, Part 1

The Splunk Threat Research Team provides a comprehensive overview of AppLocker and guidance for getting started with AppLocker policies

Security 6 Min Read

Security Insights: Detecting CVE-2024-4040 Exploitation in CrushFTP

The Splunk Threat Research Team explores how Splunk can help you identify and investigate CVE-2024-4040 exploitation in your CrushFTP environment.

Security 5 Min Read

Security Insights: Jenkins CVE-2024-23897 RCE

In response to CVE-2024-23897, the Splunk Threat Research Team has developed new security detections and hunting queries to support defenders.

Security 6 Min Read

Security Insights: Tracking Confluence CVE-2023-22527

In response to CVE-2023-22527, the Splunk Threat Research Team has developed new security detections to support defenders.

Security 6 Min Read

Security Insights: Investigating Ivanti Connect Secure Auth Bypass and RCE

The Splunk Threat Research Team has swiftly developed Splunk analytics and hunting queries, helping defenders quickly adapt and respond to emerging threats CVE-2023-46804 and CVE-2024-21887.

Security 7 Min Read

Ghost in the Web Shell: Introducing ShellSweep

Splunk introduces ShellSweep, a suite of utilities designed to detect and combat malicious web shells in servers.