false
Splunk Blogs
Splunk Blogs
Splunk Blogs

Security Blogs
Security
3 Min Read

Fortify Digital Resilience with Splunk + Cisco Talos Incident Response
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
splunk-blogs-image

Latest Articles

Security 3 Min Read

Sequenced Event Templates via Risk-based Alerting
Splunker Haylee Mills explains how to convert sequenced events into actionable insights using SPL techniques to enhance anomaly detection and improve security analytics.
Security 2 Min Read

SOAR: Transforming Security and IT
Splunker Kassandra Murphy explains how to streamline workflows and boost efficiency across your organization with intelligent orchestration and automation.
Security 4 Min Read

Logs Are for Campfires: Integrate and Innovate With Splunk Asset and Risk Intelligence
Splunker Jerald Perry explains how to stay ahead of threats with streamlined workflows and comprehensive insights into your security posture.
Security 5 Min Read

Defending at Machine-Speed: Accelerated Threat Hunting with Open Weight LLM Models
Splunker Ryan Fetterman explains how Splunk DSDL 5.2 enhances cybersecurity operations, streamlining PowerShell script classification and reducing analyst workload by 250x.
Security 3 Min Read

Security Staff Picks To Read This Month, Handpicked by Splunk Experts
Every month, our Splunk staff of security experts share their favorite reads of the month — this way, you can follow the most interesting, news-worthy, and innovative stories coming from the wide world of cybersecurity.
Security 16 Min Read

Sinister SQL Queries and How to Catch Them
Discover comprehensive strategies for detecting and mitigating SQL Server attacks.
Security 6 Min Read

SNARE: The Hunters Guide to Documentation
Discover the SNARE framework for effective threat hunting documentation.
Security 5 Min Read

Exploring AI for Vulnerability Investigation and Prioritisation
Splunker James Hodgkinson explains how AI-driven tools can revolutionize vulnerability investigation and prioritization.
Security 4 Min Read

Why Security Teams Choose Splunk Enterprise Security: Three Core Benefits That Transform SecOps
Discover how Splunk Enterprise Security transforms SecOps with comprehensive visibility, contextual threat detection, and efficient operations. Learn from PeerSpot users how this leading SIEM solution enhances security management and improves threat response.
Security 20 Min Read

Infostealer Campaign against ISPs
The Splunk Threat Research Team observed actors performing minimal intrusive operations to avoid detection, with the exception of artifacts created by accounts already compromised.
Security 3 Min Read

Splunk Security Content for Threat Detection & Response: February 2025 Update
Learn about the latest security content from Splunk.
Security 5 Min Read

Onboarding Windows Events to Powershell Threat Detection in UBA
Learn how to enhance PowerShell threat detection in UBA by effectively onboarding Windows events. Our step-by-step guide covers XML event log formats and Splunk integration, ensuring robust security against cyber threats.
Security 14 Min Read

Hey SDDL SDDL: Breaking Down Windows Security One ACE at a Time
Explore SDDL in Windows security with our comprehensive guide to help enhance your defensive strategy against privilege escalation attacks.
Security 6 Min Read

Autonomous Adversaries: Are Blue Teams Ready for Cyberattacks To Go Agentic?
Explore the impact of autonomous adversaries on cybersecurity as AI and LLMs evolve.
Security 4 Min Read

Introducing DECEIVE: A Proof-of-Concept Honeypot Powered by AI
Explore DECEIVE: an AI-powered proof-of-concept honeypot by SURGe. Learn how AI simplifies cybersecurity with dynamic simulations and session summaries, paving the way for innovative security solutions.
Security 4 Min Read

Now Available: Splunk Enterprise Security Content Update App 5.0
The Splunk Threat Research Team announces the release of the Enterprise Security Content Update (ESCU) app 5.0.
Security 3 Min Read

Logs Are for Campfires: Splunk’s Asset and Risk Intelligence Leaves No Vulnerability Undiscovered!
Splunk's Asset and Risk Intelligence enhances security by uncovering hidden vulnerabilities, prioritizing critical threats, and offering dynamic risk scoring for proactive risk mitigation and compliance.
Security 1 Min Read

Cloud SOAR Achieves IRAP Assessment Along With Enterprise Security 8.0, DMX Edge Processor & Federated Search S3
We are delighted to announce that our Cloud SOAR solution has successfully completed the IRAP assessment.
CONTACT SPLUNK
CONTACT SPLUNK
USER REVIEWS
USER REVIEWS
SPLUNK MOBILE
Download Splunk Mobile on the apple app store
Download Splunk Mobile on the Google Play store
Legal
Privacy
Sitemap
Cookies / Do not sell or share my personal data
Website Terms of Use
Modern Slavery

© 2005 - 2025 Splunk LLC All rights reserved.