Security Blogs

Stay ahead of cyber threats with the latest Splunk security content. Explore new analytic stories for Shadow AI, Kerberos coercion, and npm supply chain attacks.

Discover the risks of inference-time poisoning in GGUF models. Learn how to detect malicious chat templates and monitor LLM metadata at scale for better security.

Build instrumented cloud labs with Splunk Attack Range v5. Simulate attacks, generate telemetry, and test detections on AWS, Azure, and GCP using Docker and APIs.

Splunk is proud to announce the general availability of Splunk Enterprise Security (ES) Premier for cloud customers.

Learn how to secure Model Context Protocol (MCP) servers using the Splunk MCP TA.

Learn how to use TOTAL-REPLAY to replay Splunk Attack Data logs. Validate detections, tune analytics, and map to MITRE ATT&CK without a full attack lab.

UEBA excels at identifying small deviations in user and device behavior across authentication, data access, data movement, and privilege usage.

The Splunk Threat Research Team walks through the lab setup, Splunk data ingestion, and initial exploration of Tetragon logs to establish our foundation.

In January, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security Content Update (ESCU) app (v5.20).