
Security Blogs

Security 3 Min Read
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.

Latest Articles

Security 2 Min Read

Which of Gartner’s 2019 Top 7 Security and Risk Management Trends Are Impacting Your Business? - Part III

The last and final part of our 3-part blog series in which we review Gartner's Security and Risk Trends 2019 and give advice on how to tackle them.
Security 3 Min Read

New: Machine Learning in Splunk Enterprise Security Content Update

Use machine learning techniques to identify outliers in security-related data with a new probability-density function algorithm in Splunk's Machine Learning Toolkit (MLTK)
Security 4 Min Read

Monitor for, Investigate, and Respond to Phishing Payloads with Splunk Enterprise Security Content Update

Detect, investigate, and defend signs of phishing payloads in your environment with Splunk Enterprise Security Content Update (ESCU)
Security 3 Min Read

Boss of the SOC (BOTS) Advanced APT Hunting Companion App: Now Available on Splunkbase

If you want to learn more about threat hunting with Splunk, this app in conjunction with the BOTSv2 data set is just the answer!
Security 4 Min Read

Threat Intel and Splunk Enterprise Security Part 2 - Adding Local Intel to Enterprise Security

Splunker John Stoner shares a walkthrough for how to add local threat intelligence into Splunk Enterprise Security
Security 2 Min Read

Boss of the SOC 2.0 Dataset, Questions and Answers Open-Sourced and Ready for Download

You asked, we delivered – Boss of the SOC 2.0 has been open sourced, including dataset, questions, answers and even a scoring server update!
Security 2 Min Read

SIEM: The Steps Before "The First Steps"

Laying the groundwork before taking those first crucial steps towards the best SIEM for your business
Security 4 Min Read

Wire Data, Huh! What Is It Good For? Absolutely Everything, Say It Again Now!

A brief overview of wire data, its uses and sources, and the new Splunk Essentials for Wire Data app
Security 5 Min Read

Modifying the Incident Review Page

How to modify the Incident Review page and add information to Notable Events in Splunk Enterprise Security
Security 4 Min Read

ATT&CK-ing the Adversary: Episode 3 – Operationalizing ATT&CK with Splunk

In the final episode in the MITRE ATT&CK trilogy, we focus on applying what we learned and operationalizing it with ATT&CK to assist our security operations
Security 5 Min Read

ATT&CK-ing the Adversary: Episode 2 - Hunting with ATT&CK in Splunk

Using MITRE ATT&CK to focus your threat hunting in Splunk
Security 4 Min Read

| datamodel Endpoint

Discover what's new in Splunk Common Information Model (CIM) 4.12
Security 1 Min Read

Shifting Mindsets: Modernizing the Security Operations Center

How to go from an 'old school' to a 'new school' defender
Security 2 Min Read

“Are We Secure?” Lessons Learned From The CISO Of A Leading Saudi Bank

A Splunk customer's presentation at Gartner’s 2018 Security Risk and Management Summit
Security 6 Min Read

Go With the Flow - Network Telemetry (VPC Data) in AWS

This blog post describes how to use VPC data from AWS in Splunk to hunt hunt hunt!
Security 5 Min Read

CloudTrail - Digital Breadcrumbs for AWS

This blog post reviews AWS CloudTrail as a security logging source and how to hunt in it
Security 1 Min Read

Three Questions For Empowering Security: From Gartner’s Risk and Security Management Summit Europe

Key takeaways from this year's Gartner Risk and Security Management Summit Europe
Security 3 Min Read

I Azure You, This Will Be Useful

This blog post describes how to use Azure Active directory for basic hunting and discovery