Skip to main content
false
Splunk Blogs
Splunk Blogs
Splunk Blogs

Security Blogs
Security
3 Min Read

Fortify Digital Resilience with Splunk + Cisco Talos Incident Response
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
splunk-blogs-image

Latest Articles

Security 8 Min Read

REvil Ransomware Threat Research Update and Detections
On July 2, 2021, REvil group used Kaseya to distribute malware to its on-premises customers. Splunk has pushed out guidance to help understand and detect REvil. Learn more about the REvil ransomeware group, their tactics, and how to detect them using Splunk.
Security 19 Min Read

Kaseya, Sera. What REvil Shall Encrypt, Shall Encrypt
Kaseya VSA, remote monitoring management (RMM) software heavily used by managed service providers (MSP), was compromised by REvil, and is being used to distribute ransomware to its on-premises customers. Find out more on how to detect REvil in your environment.
Security 3 Min Read

Fashionably Late: The Zero Trust Trend is Here to Stay
Whether you were hip to the zero trust trend before it started being cool, or are arriving fashionably late, learn how to leverage a data-driven approach to achieve zero trust outcomes and improve the overall security capabilities of the organization in the process.
Security 7 Min Read

I Pity the Spool: Detecting PrintNightmare CVE-2021-34527
Read on for details around Detect PrintNightmare (CVE-2021-34527), a critical vulnerability that affects the Print Spooler service and can perform remote code execution.
Security 5 Min Read

Staff Picks for Splunk Security Reading June 2021
Security 2 Min Read

SOARing to the Clouds with Splunk SOAR
Now available as part of Splunk Cloud, Splunk SOAR further delivers on our promise to modernize security operations – read on to learn more.
Security 3 Min Read

Introducing the World’s First Modern Cloud-Based SecOps Platform: Splunk Security Cloud
Announcing the new Splunk Security Cloud – the only data-centric modern security operations platform that delivers enterprise-grade advanced security analytics, automated security operations, and threat intelligence with an open, unparalleled ecosystem.
Security 4 Min Read

Splunk SOAR Playbooks: GCP Unusual Service Account Usage
In this new Splunk SOAR Playbook, we'll show how a Splunk Enterprise search can trigger automated enrichment, an analyst prompt, and rapid response actions to prevent damage caused by malicious account access.
Security 2 Min Read

Super Speed with Phantom Slash Commands
Splunker Olivia Courtney shares a walkthrough of what you can do with the power of Phantom Slash Commands to investigate Splunk Phantom events.
Security 5 Min Read

Detecting Password Spraying Attacks: Threat Research Release May 2021
The Splunk Threat Research team walks you through a new analytic story to help SOC analysts detect adversaries executing password spraying attacks, and highlights a few detections from the May 2021 releases.
Security 3 Min Read

Tales of a Principal Threat Intelligence Analyst
Discover how threat intelligence can offer valuable insights to help fend off future attacks, no matter how covert or cunning they appear to be.
Security 4 Min Read

A Deeper Dive into TruSTAR Intel Workflows
Learn about TruSTAR's API 2.0, featuring TruSTAR Intel Workflows. This blog post provides a look at some technical aspects of the Indicator Prioritization Intel Workflow.
Security 10 Min Read

EO, EO, It’s Off to Work We Go! (Protecting Against the Threat of Ransomware with Splunk)
We read the 'What We Urge You To Do To Protect Against The Threat of Ransomware' memo and Executive Order (EO14028) in-depth, and this blog is designed to provide you with the information and takeaways to start acting immediately.
Security 1 Min Read

Understanding Splunk Phantom’s Join Logic
Have you ever built complex playbooks and tested them, only to find that they halted execution mid-stream? That’s probably because of your ‘join’ settings – read on to learn more.
Security 2 Min Read

Easily Automate Across Your AWS Environments with Splunk Phantom
Splunk Phantom now has the flexibility to let you easily manage your AWS environment across hundreds or thousands of accounts – read on to learn more.
Security 5 Min Read

Partner Spotlight: IT-ISAC Members Automate and Simplify Intelligence Sharing with TruSTAR
We recently interviewed IT-ISAC Executive Director Scott Algeier to discuss why the organization chose to partner with TruSTAR, and the benefits its members are experiencing using TruSTAR to simplify integrations, automate data flows and make intel more actionable.
Security 2 Min Read

Staff Picks for Splunk Security Reading May 2021
Check out the favorite security-centric presentations, white papers and customer case studies from various peeps in the Splunk (or not) security world that WE think everyone should read.
Security 8 Min Read

Advanced Link Analysis, Part 3 - Visualizing Trillion Events, One Insight at a Time
Learn how to get actionable insights from large datasets using link analysis in the third installment of our Advanced Link Analysis series, showcasing the interactive visualization of advanced link analysis with Splunk partner, SigBay.
CONTACT SPLUNK
CONTACT SPLUNK
USER REVIEWS
USER REVIEWS
SPLUNK MOBILE
Download Splunk Mobile on the apple app store
Download Splunk Mobile on the Google Play store
Legal
Patents
Privacy
Sitemap
Website Terms of Use

© 2005 - 2024 Splunk LLC All rights reserved.