Skip to main content
false
Splunk Blogs
Splunk Blogs
Splunk Blogs

Security Blogs
Security
3 Min Read

Fortify Digital Resilience with Splunk + Cisco Talos Incident Response
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
splunk-blogs-image

Latest Articles

Security 2 Min Read

SOAR in Seconds with Splunk Feature Overviews
Get a quick overview of Splunk's SOAR tool, Splunk Phantom, and the main features within.
Security 4 Min Read

TruSTAR Intel Workflows Series: 3 Stages of the Prioritized Indicator Intel Workflow
This blog series explains our motivations for building this feature, how it works, and how users can better inform security operations. In this section, we dive into the three stages of the Prioritized Indicator Intel Workflow.
Security 1 Min Read

Little Code, Big Impact: Easily Scale your Security Automation with Splunk SOAR
Discover how our latest revision of Splunk Phantom’s 'custom functions' make playbook creation and execution faster and easier than ever with the ability to create shareable custom code across playbooks while introducing complex data objects into the playbook execution path.
Security 6 Min Read

DarkSide Ransomware: Splunk Threat Update and Detections
Splunk Threat Research Team (STRT) replicated the DarkSide Ransomware Attack and has released an Analytic Story with several detection searches directed at community shared IOCs.
Security 3 Min Read

Presidential Executive Order: “Collect and Preserve” Incident Data. Is this the Catalyst for Cybersecurity’s Black Box?
President Biden’s Executive Order (EO) on Improving the Nation’s Cybersecurity defines a solid path forward for the Federal government and its suppliers to address systemic problems in defending cyberspace.
Security 8 Min Read

The DarkSide of the Ransomware Pipeline
Learn about the Colonial Pipeline ransomware attack and how you can start detecting and remediating DarkSide's activities and attack using Splunk.
Security 3 Min Read

A Threat As Old As The Internet: Why We Still Care About Malware (And Why You Should Too)
Splunk's CISO Yassir Abousselham dives into why — as IT and security leaders — we need to come up with comprehensive strategies to specifically mitigate malware attacks.
Security 1 Min Read

Threat Hunter Intelligence Report

Welcome to Splunk’s Threat Hunter Intelligence Report, a monthly series brought to you by Splunk’s threat hunting and intelligence (THI) team sharing the latest cybersecurity threats and trends to help organizations stay one step ahead of adversaries, one report at a time.
Security 3 Min Read

TruSTAR Intel Workflows Series: Automating Data Workflows to Unlock Investments in SIEM, SOAR and XDR
We recently introduced TruSTAR Intel Workflows.This blog series explains our motivations for building this feature, how it works, and how users can better inform security operations. This is Part 2: How TruSTAR Intel Workflows Work.
Security 3 Min Read

Find the Fingerprints and Traces of Threats with Splunk at RSAC 2021
Splunk's heading to RSAC 2021, are you? Take a peak at our upcoming sessions and don't forget to tune into our CEO Doug Merritt's keynote when he takes the RSAC main stage.
Security 2 Min Read

Splunk SOAR Playbooks: Suspicious Email Domain Enrichment
This playbook focuses specifically on domain names contained in the ingested email, and it uses Cisco Umbrella Investigate to add the risk score, risk status, and domain category to the event in Splunk SOAR.
Security 3 Min Read

Cybersecurity’s Moneyball Transformation
What do baseball and cybersecurity have in common? Nothing, at first glance. But, take a deeper look and you can see the glaring similarities. That's because cybersecurity is going through its Moneyball transformation right now. Read this blog post to learn more.
Security 4 Min Read

TruSTAR Intel Workflows Series: Shifting from App-Centric to Data-Centric Security Operations
TruSTAR recently introduced API 2.O featuring TruSTAR Intel Workflows. This blog series will explain our motivations for building this feature, how it works, and how users can better inform security operations.
Security 4 Min Read

Clop Ransomware Detection: Threat Research Release, April 2021

Discover how the Splunk Threat Research Team focused their research efforts on Clop Ransomware detections to help organizations detect abnormal behavior faster before it becomes detrimental.
Security 3 Min Read

Staff Picks for Splunk Security Reading April 2021
Security 3 Min Read

Splunk and Zscaler Utilize Data and Zero Trust to Eradicate Threats
Splunk and Zscaler have partnered to deliver a superior approach to security. Our tightly integrated, best-of-breed cloud security and security analytics platforms deliver a cloud experience for the modern, cloud-first enterprise.
Security 10 Min Read

SUPERNOVA Redux, with a Generous Portion of Masquerading
A review of the Pulse Secure attack where the threat actor connected to the network via a the Pulse Secure virtual private network (VPN), moved laterally to its SolarWinds Orion server, installed the SUPERNOVA malware, and collected credentials, all while masquerading the procdump.exe file and renamed it as splunklogger.exe.
Security 2 Min Read

Streamlining Vulnerability Management with Splunk Phantom
Manage the entire lifecycle of vulnerability management with automation and orchestration using Splunk’s SOAR technology, Splunk Phantom, to automate actions and reduce the time spent on patch management by 40%.
CONTACT SPLUNK
CONTACT SPLUNK
USER REVIEWS
USER REVIEWS
SPLUNK MOBILE
Download Splunk Mobile on the apple app store
Download Splunk Mobile on the Google Play store
Legal
Patents
Privacy
Sitemap
Website Terms of Use

© 2005 - 2024 Splunk LLC All rights reserved.