
Security Blogs

Security
3 Min Read
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.

Latest Articles

Security 10 Min Read

Detecting Cloud Account Takeover Attacks: Threat Research Release, October 2022

The Splunk Threat Research Team shares a closer look at the telemetry available in Azure, AWS and GCP and the options teams have to ingest this data into Splunk.
Security 13 Min Read

From Macros to No Macros: Continuous Malware Improvements by QakBot

In this blog, the Splunk Threat Research Team (STRT) showcases a year's evolution of QakBot. We also dive into a recent change in tradecraft meant to evade security controls. Lastly, we reverse engineered the QakBot loader to showcase some of its functions.
Security 2 Min Read

Splunk Integrates with Amazon Security Lake to Deliver Analytics Using the Open Cybersecurity Schema Framework

We're proud to be one of the early partners of Amazon Security Lake, allowing joint Splunk and AWS customers to efficiently ingest the OCSF-compliant data to help improve threat detection, investigation and response.
Security 2 Min Read

How Good is ClamAV at Detecting Commodity Malware?

We ran over 400,000 instances of malware to see how good ClamAV really is. Here's the data.
Security 2 Min Read

Staff Picks for Splunk Security Reading November 2022

Hello, everyone! Welcome to the Splunk staff picks blog. Each month, Splunk security experts curate a list of presentations, whitepapers, and customer case studies that we feel are worth a read. We hope you enjoy.
Security 6 Min Read

NIS2 is coming… What does it mean?

On 28 November, European Member States formally adopted the revision of the Network and Information Security Directive (NIS2). The Directive will enter into force before the end of the year, but will only be applicable after EU Member States transpose it into national law, which they must do by September 2024. So now is the time for a heads-up about the upcoming changes and what they will mean for your cybersecurity operations.
Security 3 Min Read

Explore the Splunk SOAR Adoption Maturity Model

SOAR helps you orchestrate security workflows and automate tasks in seconds to empower your SOC, work smarter and respond faster. Increasingly, security automation is seen as a milestone in maturing your security operations. And maturing security operations is something all organizations need to do, given the rising volume of attacks and threats of all kinds.
Security 5 Min Read

This Feels Scripted: Zeek Scripting and Splunk

Splunker Shannon Davis shares a closer look at updated searches for detecting SpookySSL.
Security 12 Min Read

Inside the Mind of a ‘Rat’ - Agent Tesla Detection and Analysis

The Splunk Threat Research Team (STRT) describes the different tactics, techniques and procedures mapped to the ATT&CK framework leveraged by the Agent Tesla remote access trojan.
Security 2 Min Read

SOC, Amore Mio! Following .italo's Tracks to a More Mature SOC

Recently I sat down with Enrico Maresca, CISO of .italo, to discuss their security operations strategy and double-click into multiple lessons learned and best practices. Enrico shared insight into what good looks like when communicating with the Board of Directors, discussed cyber security topics, and described SecOps use case development strategies.
Security 2 Min Read

DORA will accelerate cloud migration in Financial Services

The much-anticipated Digital Operational Resilience Act (DORA) is finally here. This Regulation, applicable across the 27 EU Member States, provides a set of guidelines via which financial services organisations will need to prove that they are operationally resilient, i.e., that they are able to withstand any unforeseen shocks.
Security 2 Min Read

Splunk Security Award-Winning Momentum in 2022

See why analysts continue to recognize that Splunk Security is a must-have when it comes to the need for SIEM and SOAR solutions.
Security 12 Min Read

Nothing PUNY About OpenSSL (CVE-2022-3602)

The Splunk SURGe team shares an outline of their interpretation of the CVE-2022-3602 vulnerability and what you can do to detect it in your environment.
Security 3 Min Read

Staff Picks for Splunk Security Reading October 2022

Check out October's list of presentations, whitepapers, and customer case studies that our Splunk security experts feel are worth a read.
Security 2 Min Read

The people have spoken and Splunk wins twice at the ITAwards

You know that we Splunkers love to go deep into use cases and figure out what helps our customers the most. However, in today's business world, industry recognition goes a long way in proving the value of the products and services we use.
Security 9 Min Read

Dark Crystal RAT Agent Deep Dive

The Splunk Threat Research Team (STRT) analyzed and developed Splunk analytics for this RAT to help defenders identify signs of compromise within their networks.
Security 2 Min Read

Splunk Security with the Infosec App

Get an overview of the InfoSec App for Splunk and learn more about what customers can achieve with it.
Security 3 Min Read

Play Now with BOTS Partner Experiences: Okta

Introducing our third BOTS Partner Experience with Identity-as-a-Service provider Okta!