Security Blogs
Latest Articles
Splunk Tools & Analytics To Empower Threat Hunters
Calling all threat hunters! This article dives into the many Splunk tools and analytics that can help threat hunters in their day-to-day hunting activities.
UEBA Superpowers: Simplify Incident Investigations to Increase SOC Efficiency
Fernando Jorge explains how Splunk UBA simplifies incident investigations and enhances SOC efficiency with advanced machine learning and behavior analytics.
Splunk SOAR Playbook of the Month: Splunk Attack Analyzer Dynamic Analysis
For this Splunk SOAR Playbook of the Month, Splunker Coty Sugg shows how to use one of our out-of-the-box playbooks for faster, simpler, and more effective dynamic analysis.
Threat Hunting in 2024: Must-Have Resources & Tasks for Every Hunter
What are the most important things threat hunters do every day? We surveyed professionals and here are the must-have tasks and resources.
Splunk Named a Leader in the Gartner® Magic Quadrant™ for SIEM
Splunk has been named a Leader in the 2024 Gartner® Magic Quadrant™ for Security Information and Event Management (SIEM), which is the tenth consecutive time for Splunk in the Leaders Quadrant.
Splunk User Behavior Analytics (UBA) 5.4 Delivers FIPS Compliance and Advanced Anomaly Detection
Splunker Fernando Jorge walks us through enhancements and new features in the latest User Behavior Analytics (UBA) product update, version 5.4.0.
Building At-Scale User Behavior Analytics for Splunk UBA: Enhance Performance of Account & Device Exfiltration Models
Splunkers Ania Kacewicz, Cui Lin and Che-Lun Tsao discuss how the scalability performance of Account and Device Exfiltration models can be achieved in UBA V5.4.0.
Hunting M365 Invaders: Dissecting Email Collection Techniques
The Splunk Threat Research Team describes various methods attackers may leverage to monitor mailboxes, how to simulate them and how teams can detect them using Splunk’s out-of-the-box security content.
Elevating Security: The Growing Importance of Open Cybersecurity Schema Framework (OCSF)
Splunker Paul Agbabian shares what's new in the Open Cybersecurity Schema Framework (OCSF) and how profiles can augment the natural structure of event classes and categories.
Explore the AI Frontier in Splunk’s State of Security 2024
Splunk's State of Security 2024: The Race to Harness AI report reveals the insights, aspirations, and challenges of security leaders.
How To Start Threat Hunting: The Beginner's Guide
Ready to hunt threats? Starting a hunt in a new data environment? This is the place to begin! We've got you covered in this threat hunting 101 tutorial.
Staff Picks for Splunk Security Reading April 2024
Splunk security experts share their list of presentations, whitepapers, and customer case studies from April 2024 that they feel are worth a read.
Detecting & Hunting Named Pipes: A Splunk Tutorial
Named pipes can be threats, too. In this comprehensive article, we are going to talk about detecting, hunting and investigating named pipes.
From Water to Wine: An Analysis of WINELOADER
In this blog post we'll look closely at the WINELOADER backdoor and how Splunk can be used to detect and respond to this threat.
Splunk SOAR Playbook of the Month: Cisco Umbrella DNS Denylisting
Cisco and Splunk can help users achieve more comprehensive security with a playbook that combines the power of Cisco Umbrella and Splunk SOAR.
Splunk at RSAC 2024: Powering the SOC of the Future
Visit Splunk at RSAC 2024 and see how we can help you evolve to the SOC of the future.
UEBA Superpowers: Enhance Security Visibility with Rich Insights to Take Rapid Action Against Threats
Splunk UBA illuminates hidden corners of your org's digital ecosystem, providing unparalleled visibility into behaviors and patterns that define the network's pulse.
Detecting Lateral Movement with Splunk: How To Spot the Signs
Identifying lateral movement is so important, and it sure isn't easy. Using Splunk makes it a lot easier, and we'll show you how in this tutorial.
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
