Security Blogs
Security
3 Min Read
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
Latest Articles
Introducing Splunk Attack Range v2.0
The Splunk Attack Range project has officially reached the v2.0 release with a host of new features – get all the details from the Splunk Threat Research Team.
Staff Picks for Splunk Security Reading June 2022
Hello, everyone! Welcome to the Splunk staff picks blog. Each month, Splunk security experts curate a list of presentations, whitepapers, and customer case studies that we feel are worth a read.
To check out our previous staff security picks, take a peek here. We hope you enjoy.
Security Advisories for Splunk 9.0
On June 14, 2022 Splunk published eight Security Advisories regarding vulnerabilities related to Splunk Enterprise and Splunk Cloud Platform. To help you leverage the available resources we’ve gathered a number of resources in this post.
Threat Update: Industroyer2
The Splunk Threat Research Team offers an analysis of relevant detection opportunities of one of the new malicious payloads found by the Ukranian CERT named 'Industroyer2.'
SANS 2022 SOC Survey: A Look Inside
Check out this detailed summary of the SANS 2022 SOC Survey sponsored by Splunk to explore the latest trends in security operations.
Atlassian Confluence Vulnerability CVE-2022-26134
Get a closer look at the Atlassian Confluence Vulnerability CVE-2022-26134, including a breakdown of what happened, how to detect it, and MITRE ATT&CK mappings.
Truth in Malvertising?
The Splunk SURGe team tests the veracity of the findings from LockBit's February 2021 study on ransomware encryption speeds.
RCE à La Follina (CVE-2022-30190)
The Splunk SURGe team offers a closer look into the Follina MS Office RCE, including a breakdown of what happened, how to detect it, and MITRE ATT&CK mappings.
Publish Your Splunk SOAR Apps Faster
The process for our technology partners to publish their SOAR Apps to Splunkbase just got faster and simpler.
Staff Picks for Splunk Security Reading May 2022
Hello, everyone! Welcome to the Splunk staff picks blog. Each month, Splunk security experts curate a list of presentations, whitepapers, and customer case studies that we feel are worth a read. We hope you enjoy.
Threat Update: AcidRain Wiper
The Splunk Threat Research Team shares the details on the new malicious payload named AcidRain, designed to wipe modem or router devices (CPEs).
How Playbook Packs Drive Scalable Automation
See how pre-built Playbook Packs from Splunk can help augment your security analysts with automation that scales with your organization’s maturity.
Springing 4 Shells: The Tale of Two Spring CVEs
The Splunk Threat Research Team (STRT) shares detection opportunities in different stages of successful Spring4Shell exploitation.
Detecting Active Directory Kerberos Attacks: Threat Research Release, March 2022
Learn more about the Splunk Threat Research Team's new analytic story to help SOC analysts detect adversaries abusing the Kerberos protocol to attack Windows Active Directory environments
Splunk SOAR Recognized in Forrester Now Tech: SOAR, Q2 2022 Report
Splunk SOAR recognized within Forrester’s report Now Tech: Security Orchestration, Automation, And Response (SOAR), Q2 2022.
Bringing Data-Centric Security to RSAC 2022
Check out what Splunk has in store at RSA Conference 2022, including theater sessions, demos and a keynote presentation from Splunk CEO Gary Steele.
Threat Update: Cyclops Blink
The Splunk Threat Research Team shares the latest on the payload named Cyclops Blink, which seems to target Customer Premise Equipment devices (CPE) generally prevalent in commercial and residential locations enabling internet connectivity.
CI/CD Detection Engineering: Dockerizing for Scale, Part 4
Get the latest from the Splunk Threat Research Team on CI/CD Detection Engineering.
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
