Skip to main content
false
Splunk Blogs
Splunk Blogs
Splunk Blogs

Security Blogs
Security
3 Min Read

Fortify Digital Resilience with Splunk + Cisco Talos Incident Response
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
splunk-blogs-image

Latest Articles

Security 2 Min Read

Introducing Synthetic Adversarial Log Objects (SALO)
Synthetic Adversarial Log Objects (SALO) is a framework for the generation of log events without the need for infrastructure or actions to initiate the event that causes a log event. Learn more about its purpose and how you can utilize it.
Security 2 Min Read

Staff Picks for Splunk Security Reading January 2022
Welcome to the Splunk staff picks blog. Each month, Splunk security experts select presentations, white papers, and customer case studies that we feel are worth a read. We hope you enjoy.
Security 11 Min Read

Threat Advisory: STRT-TA02 - Destructive Software
The focus of this threat advisory is on a recently reported destructive payload by Microsoft MSTIC under the name of WhisperGate. We break down the different components and functions of how this payload works and provide a series of detections to mitigate and defend against this threat.
Security 7 Min Read

Approaching Linux Post-Exploitation with Splunk Attack Range
An introduction to linux post exploitation simulation and threat detection using Splunk Attack Range and linux Sysmon.
Security 3 Min Read

Refined User Experience, New Executive Visibility, and Enhanced Cloud Monitoring with Splunk Enterprise Security 7.0
Check out the latest Security Analytics enhancements to Splunk Enterprise Security with our latest 7.0 release.
Security 9 Min Read

Detecting Malware Script Loaders using Remcos: Threat Research Release December 2021
Start detection against behaviors and TTPs from a Remcos loader that utilizes DynamicWrapperX (dynwrapx.dll) to execute shellcode and inject Remcos RAT into the target process.
Security 2 Min Read

Introducing ATT&CK Detections Collector
Automate and simplify finding detections against ATT&CK techniques used by adversaries with Splunk SURGe's open-sourced project, ATT&CK Detections Collector (ADA).
Security 2 Min Read

Staff Picks for Splunk Security Reading December 2021
Welcome to the Splunk staff picks blog. Each month, Splunk security experts curate a list of presentations, white papers, and customer case studies that we feel are worth a read.
Security 13 Min Read

Simulating, Detecting, and Responding to Log4Shell with Splunk
Splunk Threat Research Team simulated the Log4j vulnerabilities in the Splunk Attack Range. Using the data collected, we developed 13 new detections and 9 playbooks to help Splunk SOAR customers investigate and respond to this threat.
Security 3 Min Read

Splunk SOAR Playbooks: TruSTAR Indicator Enrichment
Learn about the TruSTAR Indicator Enrichment playbook, providing a strong foundation for utilizing threat intelligence in SOAR.
Security 9 Min Read

Log4Shell - Detecting Log4j Vulnerability (CVE-2021-44228) Continued
Good news, you can use Splunk to proactively hunt using Network Traffic and DNS query logs data sources to detect potential Log4Shell exploit. From Splunk SURGe, learn even more detections against CVE-2021-44228.
Security 12 Min Read

Active Directory Lateral Movement Detection: Threat Research Release, November 2021

The Splunk Threat Research Team recently updated the Active Directory Lateral Movement analytic story to help security operations center (SOC) analysts detect adversaries executing these techniques within Windows Active Directory (AD) environments.
Security 9 Min Read

Log4Shell - Detecting Log4j 2 RCE Using Splunk
A serious remote code execution (RCE) vulnerability (CVE-2021-44228) in the popular open source Apache Log4j logging library poses a threat to thousands of applications and third-party services that leverage this library. From Splunk SURGe, learn how you can detect Log4j 2 RCE using Splunk.
Security 6 Min Read

Splunk For OT Security: Perimeter And Vulnerability Evolution
This blog focuses on the latest enhancements made to Splunk's OT Security Add-on, including highlighting key features and improvements that have been made in version 2.1
Security 2 Min Read

Staff Picks for Splunk Security Reading November 2021
Hello everyone! Welcome to the Splunk staff picks blog. Each month, Splunk security experts curate a list of presentations, white papers, and customer case studies that we feel are worth a read. We hope you enjoy.
Security 3 Min Read

Hyperledger Fabric Security Monitoring with Splunk
In this post, we demonstrate how to set up effective security monitoring of your Hyperledger Fabric infrastructure. We identify some common threats, recognize key data sources to monitor, and walk through using Splunk to ingest and visualize your data.
Security 5 Min Read

Securing DevSecOps - Threat Research Release October 2021

Learn how you can secure your development security operations with pre-built and tested Splunk detections and automated playbooks.
Security 7 Min Read

Detecting Remcos Tool Used by FIN7 with Splunk
The following is a walkthrough of Remcos executed via Attack Range Local. We will go over some of the multiple and intrusive operations this remote access tool can execute at compromised hosts.
CONTACT SPLUNK
CONTACT SPLUNK
USER REVIEWS
USER REVIEWS
SPLUNK MOBILE
Download Splunk Mobile on the apple app store
Download Splunk Mobile on the Google Play store
Legal
Patents
Privacy
Sitemap
Website Terms of Use

© 2005 - 2024 Splunk LLC All rights reserved.