Security Blogs

Every month, our Splunk staff of security experts share their favorite reads of the month — this way, you can follow the most interesting, news-worthy, and innovative stories coming from the wide world of cybersecurity.

Security 4 Min Read

Why Security Teams Choose Splunk Enterprise Security: Three Core Benefits That Transform SecOps

Discover how Splunk Enterprise Security transforms SecOps with comprehensive visibility, contextual threat detection, and efficient operations. Learn from PeerSpot users how this leading SIEM solution enhances security management and improves threat response.

Security 20 Min Read

Infostealer Campaign against ISPs

The Splunk Threat Research Team observed actors performing minimal intrusive operations to avoid detection, with the exception of artifacts created by accounts already compromised.

Security 3 Min Read

Splunk Security Content for Threat Detection & Response: February 2025 Update

Learn about the latest security content from Splunk.

Security 5 Min Read

Onboarding Windows Events to Powershell Threat Detection in UBA

Learn how to enhance PowerShell threat detection in UBA by effectively onboarding Windows events. Our step-by-step guide covers XML event log formats and Splunk integration, ensuring robust security against cyber threats.

Security 14 Min Read

Hey SDDL SDDL: Breaking Down Windows Security One ACE at a Time

Explore SDDL in Windows security with our comprehensive guide to help enhance your defensive strategy against privilege escalation attacks.

Security 6 Min Read

Autonomous Adversaries: Are Blue Teams Ready for Cyberattacks To Go Agentic?

Explore the impact of autonomous adversaries on cybersecurity as AI and LLMs evolve.

Security 4 Min Read

Introducing DECEIVE: A Proof-of-Concept Honeypot Powered by AI

Explore DECEIVE: an AI-powered proof-of-concept honeypot by SURGe. Learn how AI simplifies cybersecurity with dynamic simulations and session summaries, paving the way for innovative security solutions.

Security 4 Min Read

Now Available: Splunk Enterprise Security Content Update App 5.0

The Splunk Threat Research Team announces the release of the Enterprise Security Content Update (ESCU) app 5.0.

Security 3 Min Read

Logs Are for Campfires: Splunk’s Asset and Risk Intelligence Leaves No Vulnerability Undiscovered!

Splunk's Asset and Risk Intelligence enhances security by uncovering hidden vulnerabilities, prioritizing critical threats, and offering dynamic risk scoring for proactive risk mitigation and compliance.

Security 1 Min Read

Cloud SOAR Achieves IRAP Assessment Along With Enterprise Security 8.0, DMX Edge Processor & Federated Search S3

We are delighted to announce that our Cloud SOAR solution has successfully completed the IRAP assessment.

Security 6 Min Read

Matching AI Strengths to Blue Team Needs

Discover how AI and Large Language Models (LLMs) enhance cybersecurity operations for Blue Teams.

Security 4 Min Read

Harness the Power of Cisco Talos Threat Intelligence Across Splunk Security Products

Leverage Cisco Talos’ threat intelligence through Cisco Talos Intelligence for Enterprise Security, the Cisco Talos Intelligence connector for Splunk SOAR, and as a globally enabled feature in Splunk Attack Analyzer.

Security 2 Min Read

The Modern SIEM Has Come a Long Way From Your Grandmother’s SIEM

Explore how modern SIEM solutions tackle scalability, alert fatigue, and advanced threat detection with automation, machine learning, and real-time insights for efficient SOC workflows.

Security 18 Min Read

Meduza Stealer Analysis: A Closer Look at its Techniques and Attack Vector

Uncover Meduza Stealer, a 2023 malware targeting credentials and crypto wallets. Explore its evasion tactics, attack methods, and Splunk’s expert insights for enhanced security.

Subscribe to our blog

Get the latest articles from Splunk straight to your inbox.

Connect with Splunk on X

Follow @Splunk

Connect with Splunk on Instagram

Follow @Splunk

See Splunk Perspectives blog for execs

Get Perspectives