Security Blogs
Security
3 Min Read
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
Latest Articles
Strengthen Digital Resilience with Unified Security Operations
Splunk Mission Control offers a unified, simplified, and modernized security operations experience which reduces complexity and reduces risk.
Overcome Cybersecurity Challenges to Improve Digital Resilience
Discover how embracing automation, unifying security operations and tackling security as a data problem helps organizations overcome the challenges posed to cybersecurity effectiveness and digital resilience.
Threat Advisory: SwiftSlicer Wiper STRT-TA03
The Splunk Threat Research Team shares a closer look at the SwiftSlicer wiper, a new payload discovered by ESET and found in a recent January 2023 campaign.
Don’t boil the ocean: A technologist’s take on prioritisation in sustainability
Even if manufacturing isn’t close to your heart, you’d have to be pretty cold not to care about sustainability in 2023. Let's get a technologist’s take on prioritisation in sustainability.
Splunk Observability & Security Weeks - Best Practices for Strong Cyber Resilience and Business Success
This March, we are holding two weeks of virtual sessions across EMEA, packed with thought provoking and educational content to suit everyone. Whether your area of expertise is in security or IT & observability — we’ve got you covered.
Staff Picks for Splunk Security Reading February 2023
Explore the latest list of presentations, whitepapers, and customer case studies that our Splunk security experts feel are worth a read.
Fantastic IIS Modules and How to Find Them
This blog showcases how to enable and ingest IIS operational logs, utilize PowerShell scripted inputs to ingest installed modules and simulate AppCmd and PowerShell adding new IIS modules and disable HTTP logging using Atomic Red Team.
All the Proxy(Not)Shells
The Splunk Threat Research Team walks through exploitation of ProxyShell and ProxyNotShell using MetaSploit, and hunts through data in Splunk to showcase different avenues for defenders to identify malicious activity.
Using MITRE ATT&CK in Splunk Security Essentials
Discover how you can use the ATT&CK framework for a wide array of use cases and to answer a wide range of questions in Splunk Security Essentials (SSE).
Staff Picks for Splunk Security Reading January 2023
Welcome to the Splunk staff picks blog. Each month, Splunk security experts curate a list of presentations, whitepapers, and customer case studies that we feel are worth a read.
All of Us Can Defend Each of Us
Splunk's Global Security Strategist Mick Baccio shares his experience attending Hackers on the Hill and invites you to join him and SURGe leader, Ryan Kovar, for the Data Security Predictions 2023 webinar.
Detect Faster, Rapidly Scope an Incident, and Streamline Security Workflows with Splunk Enterprise Security 7.1
Splunk Enterprise Security 7.1 offers new capabilities to help security teams detect suspicious behavior in real-time, quickly discover the scope of an incident to respond accurately, and improve security workflow efficiencies using embedded frameworks.
Putting the 'E' in Team: Solution Integration Enablement for Security Build Motion Partners
Cybersecurity requires a strong team – that's why Splunk has developed a new enablement course for our security partners to help create a better team for our customers.
From Registry With Love: Malware Registry Abuses
The Splunk Threat Research Team explores the common Windows Registry abuses leveraged by current and relevant malware families in the wild and how to detect them.
Introducing Attack Range v3.0
Explore the new features introduced in version 3.0 of the Splunk Attack Range, aimed at helping you build resilient, high-quality threat detections.
PCI Compliance Done Right with Splunk
Check out the added features to support PCI compliance in the latest Splunk App for PCI Compliance version 5.1, now generally available.
CISA Top Malware Summary
This blog summarizes the Splunk Threat Research Team’s (STRT) recent review of the CISA Top 10 Malware strains for the year 2021 report.
Unknown and unseen, the cyberwar between Crimsonia and Berylia
First week of December, unbeknown to many the island of Berylia engaged in cyberwarfare with their neighbors Crimsonia after a number of months of heightened tensions. The goal of the Berylian attackers was to disable as many critical infrastructure components of the Crimsonian Ministry of Defense in order to prevent the Crimsonian Navy from sailing. This would give the Berylian fleet the time to aid and protect critical locations and assets.
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
Connect with Splunk on Instagram
Follow @Splunk
