Security Blogs
Security
3 Min Read
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
Latest Articles
Security Staff Picks To Read This Month, Handpicked by Splunk Experts
Every month, our Splunk staff of security experts share their favorite reads of the month — this way, you can follow the most interesting, news-worthy, and innovative stories coming from the wide world of cybersecurity.
Why Security Teams Choose Splunk Enterprise Security: Three Core Benefits That Transform SecOps
Discover how Splunk Enterprise Security transforms SecOps with comprehensive visibility, contextual threat detection, and efficient operations. Learn from PeerSpot users how this leading SIEM solution enhances security management and improves threat response.
Infostealer Campaign against ISPs
The Splunk Threat Research Team observed actors performing minimal intrusive operations to avoid detection, with the exception of artifacts created by accounts already compromised.
Splunk Security Content for Threat Detection & Response: February 2025 Update
Learn about the latest security content from Splunk.
Onboarding Windows Events to Powershell Threat Detection in UBA
Learn how to enhance PowerShell threat detection in UBA by effectively onboarding Windows events. Our step-by-step guide covers XML event log formats and Splunk integration, ensuring robust security against cyber threats.
Hey SDDL SDDL: Breaking Down Windows Security One ACE at a Time
Explore SDDL in Windows security with our comprehensive guide to help enhance your defensive strategy against privilege escalation attacks.
Autonomous Adversaries: Are Blue Teams Ready for Cyberattacks To Go Agentic?
Explore the impact of autonomous adversaries on cybersecurity as AI and LLMs evolve.
Introducing DECEIVE: A Proof-of-Concept Honeypot Powered by AI
Explore DECEIVE: an AI-powered proof-of-concept honeypot by SURGe. Learn how AI simplifies cybersecurity with dynamic simulations and session summaries, paving the way for innovative security solutions.
Now Available: Splunk Enterprise Security Content Update App 5.0
The Splunk Threat Research Team announces the release of the Enterprise Security Content Update (ESCU) app 5.0.
Logs Are for Campfires: Splunk’s Asset and Risk Intelligence Leaves No Vulnerability Undiscovered!
Splunk's Asset and Risk Intelligence enhances security by uncovering hidden vulnerabilities, prioritizing critical threats, and offering dynamic risk scoring for proactive risk mitigation and compliance.
Cloud SOAR Achieves IRAP Assessment Along With Enterprise Security 8.0, DMX Edge Processor & Federated Search S3
We are delighted to announce that our Cloud SOAR solution has successfully completed the IRAP assessment.
Matching AI Strengths to Blue Team Needs
Discover how AI and Large Language Models (LLMs) enhance cybersecurity operations for Blue Teams.
Harness the Power of Cisco Talos Threat Intelligence Across Splunk Security Products
Leverage Cisco Talos’ threat intelligence through Cisco Talos Intelligence for Enterprise Security, the Cisco Talos Intelligence connector for Splunk SOAR, and as a globally enabled feature in Splunk Attack Analyzer.
The Modern SIEM Has Come a Long Way From Your Grandmother’s SIEM
Explore how modern SIEM solutions tackle scalability, alert fatigue, and advanced threat detection with automation, machine learning, and real-time insights for efficient SOC workflows.
Meduza Stealer Analysis: A Closer Look at its Techniques and Attack Vector
Uncover Meduza Stealer, a 2023 malware targeting credentials and crypto wallets. Explore its evasion tactics, attack methods, and Splunk’s expert insights for enhanced security.
Cisco Intends to Acquire Threat Detection and Defense Company SnapAttack, Driving Further Splunk Innovation to Power the SOC of the Future
Cisco announces it intent to acquire threat detection and defense company SnapAttack, driving further Splunk innovation to power the SOC of the future.
Logs Are For Campfires: Log Data, Big Data, and Splunk Asset & Risk Intelligence
Discover how Splunk Asset and Risk Intelligence (ARI) transforms log data into actionable insights. From automated asset discovery to risk and compliance management, ARI empowers organizations with real-time visibility, vulnerability tracking, and proactive threat mitigation. Elevate your security posture today.
Introducing the OT Security Solution Accelerator
The OT Security Solution Accelerator provides prescriptive guidance around data collection, reference architectures, and a Splunk app with existing content to accelerate their capabilities.
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
