false
Splunk Blogs
Splunk Blogs
Splunk Blogs

Security Blogs
Security
3 Min Read

Fortify Digital Resilience with Splunk + Cisco Talos Incident Response
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
splunk-blogs-image

Latest Articles

Security 2 Min Read

Top In-Demand Cybersecurity Skills in the Upcoming Years
Automation is optimizing SOC workflows but also shaking up the cybersecurity workspace. Skills that were once in high demand are decreasing in value. Splunker Matthias Maier took a closer look into cybersecurity developments and shares which cybersecurity skills professionals should be focussing on in the upcoming years.
Security 3 Min Read

Staff Picks for Splunk Security Reading March 2021
These monthly postings will feature the favorite security-centric presentations, white papers and customer case studies from various peeps in the Splunk (or not) security world that WE think everyone should read. If you would like to read other months, please take a peek at previous posts in the "Staff Picks" series!
Security 5 Min Read

Automated Clean-up of HAFNIUM Shells and Processes with Splunk Phantom
Implement security playbooks to automatically delete Microsoft Exchange Webshells and terminate W3WP spawned processes with Splunk Phantom.
Security 2 Min Read

Analytics-Based Investigation and Automated Response with AWS + Splunk Security Solutions
Learn how AWS and these Splunk products work together to help you strengthen your security posture and defend against threats to your environment.
Security 2 Min Read

Orchestrate Framework Controls to Support Security Operations with Splunk SOAR
Learn more about how to identify use cases for automation and dive deeper into the five steps of designing security workflows around framework regulations
Security 4 Min Read

Only the Paranoid Survive, Recast for Cybersecurity
At TruSTAR, we want to highlight stories of success in defending cyberspace that can propagate as best practices. Read more about human dependencies, technical challenges and defining data to be shared.
Security 3 Min Read

How to Marie Kondo Your Incident Response with Case Management & Foundational Security Procedures
Learn how successful security teams “Marie Kondo” their security operations, cleaning up their “visible mess” to identify the true source of “disorder” (the cyber attack itself).
Security 13 Min Read

Detecting Microsoft Exchange Vulnerabilities - 0 + 8 Days Later…
Even if you haven’t uncovered Microsoft Exchange Vulnerabilities and malicious behavior, it is important to continue monitoring, particularly as more actors look to leverage these vulnerabilities for their own purposes.
Security 3 Min Read

Visual Link Analysis with Splunk: Part 4 - How is this Pudding Connected?
Starting with a single piece of data, use Splunk link analysis functionality to find related links going multiple levels down.
Security 3 Min Read

Splunk for OT Security V2: SOAR and More
OT attacks are on the rise, as we've seen from the Oldsmar water facility attack. the Splunk IoT, Manufacturing and Energy team has been hard at work improving Splunk for OT Security to help secure your environment.
Security 4 Min Read

Cloud Federated Credential Abuse & Cobalt Strike: Threat Research February 2021
Learn about the latest emerging threats, such as Cloud Federated Credential Abuse and Cobalt Strike, where bad actors are abusing credential privileges in cloud environments to gain unauthorized access.
Security 9 Min Read

Detecting HAFNIUM Exchange Server Zero-Day Activity in Splunk
This blog discusses how to detect HAFNIUM activity around the recent CVEs released affecting Exchange Server using Splunk and Splunk Enterprise Security.
Security 2 Min Read

Building a Superstar SOC with Automation and Standardization
Splunker Kelly Huang explains the how and why of standardizing your team's security processes to build a superstar SOC.
Security 4 Min Read

Stories of Cyber Defense Collaboration: Trustworthy Accountability Group (TAG)
Nicole Perloth’s new book, This is How They Tell Me the World Ends, details our past and troubling trajectory in cyberspace. It is a terrific and sobering read for both the initiated and uninitiated in information security. This doom and gloom title prompts the need for a blog series focusing on slivers of success in defending cyberspace that can propagate as best practices.
Security 2 Min Read

From the SecOps Kitchen: Why Operators of Essentials Services Need to Prepare Now
How can you be agile and map technical security activities back to the overall goal to reduce the business risk and become cyber resilient while being sensitive to costs and FTE needs at the same time? Find out more in this article.
Security 2 Min Read

Automating With Splunk Phantom: How Norlys Does It
Learn why Denmark’s largest power, utility and telecommunications company turned to Splunk Phantom, Splunk’s security orchestration, automation and response (SOAR) technology, to automate manual workflows, repetitive tasks and difficult-to-maintain processes.
Security 4 Min Read

Splunk SOAR Playbooks: Crowdstrike Malware Triage
Splunk Phantom and Crowdstrike together allows you to have a smooth operational flow from detecting endpoint security alerts to operationalizing threat intelligence and automatically taking the first few response steps – all in a matter of seconds.
Security 3 Min Read

Staff Picks for Splunk Security Reading February 2021
These monthly postings will feature the favorite security-centric presentations, white papers and customer case studies from various peeps in the Splunk (or not) security world that WE think everyone should read. If you would like to read other months, please take a peek at previous posts in the "Staff Picks" series!
CONTACT SPLUNK
CONTACT SPLUNK
USER REVIEWS
USER REVIEWS
SPLUNK MOBILE
Download Splunk Mobile on the apple app store
Download Splunk Mobile on the Google Play store
Legal
Privacy
Sitemap
Cookies / Do not sell or share my personal data
Website Terms of Use
Modern Slavery

© 2005 - 2025 Splunk LLC All rights reserved.