Security Blogs
Security
3 Min Read
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
Latest Articles
Tales of a Principal Threat Intelligence Analyst
Discover how threat intelligence can offer valuable insights to help fend off future attacks, no matter how covert or cunning they appear to be.
A Deeper Dive into TruSTAR Intel Workflows
Learn about TruSTAR's API 2.0, featuring TruSTAR Intel Workflows. This blog post provides a look at some technical aspects of the Indicator Prioritization Intel Workflow.
EO, EO, It’s Off to Work We Go! (Protecting Against the Threat of Ransomware with Splunk)
We read the 'What We Urge You To Do To Protect Against The Threat of Ransomware' memo and Executive Order (EO14028) in-depth, and this blog is designed to provide you with the information and takeaways to start acting immediately.
Understanding Splunk Phantom’s Join Logic
Have you ever built complex playbooks and tested them, only to find that they halted execution mid-stream? That’s probably because of your ‘join’ settings – read on to learn more.
Easily Automate Across Your AWS Environments with Splunk Phantom
Splunk Phantom now has the flexibility to let you easily manage your AWS environment across hundreds or thousands of accounts – read on to learn more.
Partner Spotlight: IT-ISAC Members Automate and Simplify Intelligence Sharing with TruSTAR
We recently interviewed IT-ISAC Executive Director Scott Algeier to discuss why the organization chose to partner with TruSTAR, and the benefits its members are experiencing using TruSTAR to simplify integrations, automate data flows and make intel more actionable.
Staff Picks for Splunk Security Reading May 2021
Check out the favorite security-centric presentations, white papers and customer case studies from various peeps in the Splunk (or not) security world that WE think everyone should read.
Advanced Link Analysis, Part 3 - Visualizing Trillion Events, One Insight at a Time
Learn how to get actionable insights from large datasets using link analysis in the third installment of our Advanced Link Analysis series, showcasing the interactive visualization of advanced link analysis with Splunk partner, SigBay.
SOAR in Seconds with Splunk Feature Overviews
Get a quick overview of Splunk's SOAR tool, Splunk Phantom, and the main features within.
TruSTAR Intel Workflows Series: 3 Stages of the Prioritized Indicator Intel Workflow
This blog series explains our motivations for building this feature, how it works, and how users can better inform security operations. In this section, we dive into the three stages of the Prioritized Indicator Intel Workflow.
Little Code, Big Impact: Easily Scale your Security Automation with Splunk SOAR
Discover how our latest revision of Splunk Phantom’s 'custom functions' make playbook creation and execution faster and easier than ever with the ability to create shareable custom code across playbooks while introducing complex data objects into the playbook execution path.
DarkSide Ransomware: Splunk Threat Update and Detections
Splunk Threat Research Team (STRT) replicated the DarkSide Ransomware Attack and has released an Analytic Story with several detection searches directed at community shared IOCs.
Presidential Executive Order: “Collect and Preserve” Incident Data. Is this the Catalyst for Cybersecurity’s Black Box?
President Biden’s Executive Order (EO) on Improving the Nation’s Cybersecurity defines a solid path forward for the Federal government and its suppliers to address systemic problems in defending cyberspace.
The DarkSide of the Ransomware Pipeline
Learn about the Colonial Pipeline ransomware attack and how you can start detecting and remediating DarkSide's activities and attack using Splunk.
A Threat As Old As The Internet: Why We Still Care About Malware (And Why You Should Too)
Splunk's CISO Yassir Abousselham dives into why — as IT and security leaders — we need to come up with comprehensive strategies to specifically mitigate malware attacks.
Threat Hunter Intelligence Report
Welcome to Splunk’s Threat Hunter Intelligence Report, a monthly series brought to you by Splunk’s threat hunting and intelligence (THI) team sharing the latest cybersecurity threats and trends to help organizations stay one step ahead of adversaries, one report at a time.
TruSTAR Intel Workflows Series: Automating Data Workflows to Unlock Investments in SIEM, SOAR and XDR
We recently introduced TruSTAR Intel Workflows.This blog series explains our motivations for building this feature, how it works, and how users can better inform security operations. This is Part 2: How TruSTAR Intel Workflows Work.
Find the Fingerprints and Traces of Threats with Splunk at RSAC 2021
Splunk's heading to RSAC 2021, are you? Take a peak at our upcoming sessions and don't forget to tune into our CEO Doug Merritt's keynote when he takes the RSAC main stage.
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
Connect with Splunk on Instagram
Follow @Splunk
