Security Blogs
Security
3 Min Read
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
Latest Articles
Splunk Named a Leader in The Forrester Wave™: Security Analytics Platforms, Q4 2022
We’re thrilled to share that Splunk has been named a Leader in The Forrester Wave™: Security Analytics Platforms, Q4 2022.
Zoom. Enhance!: Finding Value in Macro-level ATT&CK Reporting
Blog description
Staff Picks for Splunk Security Reading December 2022
Welcome to the Splunk staff picks blog. Each month, Splunk security experts curate a list of presentations, whitepapers, and customer case studies that we feel are worth a read.
Using Splunk to Secure Your Productivity and Team Collaboration Environment
See how Splunk helps teams work and collaborate securely while using Google Chrome and Google Workspace.
Splunk Named a Leader in the 2022 IDC MarketScape for SIEM
See why Splunk earned a spot in the 'Leaders' category in the 2022 IDC MarketScape for worldwide SIEM software.
Do More with Splunk Security Essentials 3.7.0
Check out some highlights of the new features available in Splunk Security Essentials 3.7.0.
Visualising a Space of JA3 Signatures With Splunk
One common misconception about machine learning methodologies is that they can completely remove the need for humans to understand the data they are working with. In reality, it can often place a greater burden on an analyst or engineer to ensure that their data meets the requirements, cleanliness and standardization assumed by the methodologies used. However, when the complexity of the data becomes significant, how is a human supposed to keep up? One methodology is to use ML to find ways to keep a human in the loop!
Machine Learning in Security: Deep Learning Based DGA Detection with a Pre-trained Model
The Splunk Machine Learning for Security team introduces a new detection to detect Domain Generation Algorithms generated domains.
Detecting Cloud Account Takeover Attacks: Threat Research Release, October 2022
The Splunk Threat Research Team shares a closer look at the telemetry available in Azure, AWS and GCP and the options teams have to ingest this data into Splunk.
From Macros to No Macros: Continuous Malware Improvements by QakBot
This blog, the Splunk Threat Research Team (STRT) showcases a year's evolution of QakBot. We also dive into a recent change in tradecraft meant to evade security controls. Last, we reverse engineered the QakBot loader to showcase some of its functions.
Splunk Integrates with Amazon Security Lake to Deliver Analytics Using the Open Cybersecurity Schema Framework
We're proud to be one of the early partners of Amazon Security Lake, allowing joint Splunk and AWS customers to efficiently ingest the OCSF-compliant data to help improve threat detection, investigation and response.
How Good is ClamAV at Detecting Commodity Malware?
We ran over 400,000 instances of malware to see how good ClamAV really is. Here's the data.
Staff Picks for Splunk Security Reading November 2022
Hello, everyone! Welcome to the Splunk staff picks blog. Each month, Splunk security experts curate a list of presentations, whitepapers, and customer case studies that we feel are worth a read. We hope you enjoy.
NIS2 is coming… What does it mean?
On 28th November, European Member States formally adopted the revision of the Network and Information Security Directive (NIS2) (EN, DE, FR). The Directive will enter into force before the end of the year, but will only be applicable after EU Member States transpose the Directive into national law - by September 2024. So now is the time for a heads-up about the upcoming changes and what they will mean for your cybersecurity operations.
Explore the Splunk SOAR Adoption Maturity Model
SOAR helps you orchestrate security workflows and automate tasks in seconds to empower your SOC, work smarter and respond faster. Increasingly, security automation is becoming seen as a milestone in maturing your security operations. And maturing security operations is something all organizations need to do, with the rising threat of attacks and threats of all kinds.
This Feels Scripted: Zeek Scripting and Splunk
Splunker Shannon Davis shares a closer look at updated searches for detecting SpookySSL.
Inside the Mind of a ‘Rat’ - Agent Tesla Detection and Analysis
The Splunk Threat Research Team (STRT) describes the different tactics, techniques and procedures mapped to the ATT&CK framework leveraged by the Agent Tesla remote access trojan.
SOC, Amore Mio! Following .italo's Tracks to a More Mature SOC
Recently I sat down with Enrico Maresca, CISO of .italo, to discuss their security operations strategy and double click into multiple lessons learned and best practices. Enrico shared insight into what good looks like when communicating to the Board of Directors, discussed cyber security topics and SecOps use case development strategies.
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
Connect with Splunk on Instagram
Follow @Splunk
