Michael Haag's Blog Posts
Michael Haag is Principal Threat Research Engineer at Splunk. Michael led the development of Atomic Red Team, an open-source testing platform that security teams can use to assess detection coverage. An avid researcher, he is passionate about understanding and evaluating the limits of defensive systems. His background includes security analysis, threat research, and incident handling.

Security Insights: Detecting CVE-2024-4040 Exploitation in CrushFTP
The Splunk Threat Research Team explores how Splunk can help you identify and investigate CVE-2024-4040 exploitation in your CrushFTP environment.

Security Insights: Jenkins CVE-2024-23897 RCE
In response to CVE-2024-23897, the Splunk Threat Research Team has developed new security detections and hunting queries to support defenders.

Security Insights: Tracking Confluence CVE-2023-22527
In response to CVE-2023-22527, the Splunk Threat Research Team has developed new security detections to support defenders.

Security Insights: Investigating Ivanti Connect Secure Auth Bypass and RCE
The Splunk Threat Research Team has swiftly developed Splunk analytics and hunting queries, helping defenders quickly adapt and respond to emerging threats CVE-2023-46804 and CVE-2024-21887.

Ghost in the Web Shell: Introducing ShellSweep
Splunk introduces ShellSweep, a suite of utilities designed to detect and combat malicious web shells in servers.

Deploy, Test, Monitor: Mastering Microsoft Defender ASR with Atomic Techniques in Splunk
Explore Microsoft Defender ASR's role in cybersecurity with Splunk and learn deployment, testing, and monitoring strategies for robust defense.