Security Blogs
Security
3 Min Read
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
Latest Articles
What Keeps the CISO Awake at Night? Four Dreaded Security Headlines
Would your organization's security team be prepared if these headlines appear in tomorrow's news?
Domestic Intelligence Service of the Federal Republic of Germany Warns About Cyber Attacks
What's happened, how to investigate if you've been affected and what you should do next.
Knowledge is Power: Guidance from ICO and NCSC on GDPR Security Outcomes
The GDPR learnings are ongoing - are you keeping up?
Boss of the SOC (BOTS) Investigation Workshop for Splunk
You've played BOTS with Splunk, now learn the how it all happened? This post discusses a new tutorial app that you can run on the BOTS v1 dataset to learn more about BOTS and have an educational workshop at home (or office)
Boss of the SOC Scoring Server, Questions and Answers, and Dataset! Open-Sourced and Ready for Download
We have open-sourced the Boss of the SOC dataset (ver1.0) and BOT(S|N) scoring server. They can be used to run your own CTF, perform research, or train your internal users!
Strengthen Your SIEM And Be Ready For The GDPR
When facing the GDPR, your SIEM solution can be a great support for your organisation's compliance strategy, but if not strengthened - it can also be your downfall.
Use Investigation Workbench to Reduce Time to Contain and Time to Remediate
The latest version of Splunk Enterprise Security v 5.0 introduces Investigation Workbench, which streamlines investigations and accelerates incident response
Ensuring Success with Splunk ITSI - Part 1: Thresholding Basics
Practical step-by-step guidance to configure ITSI to produce accurate and trusted alerts
Detecting Typosquatting, Phishing, and Corporate Espionage with Enterprise Security Content Update
Splunk’s Enterprise Security Content Update (ESCU) app can provide you with early warnings and situational awareness—powerful elements of an effective defense against adversaries
Tall Tales of Hunting with TLS/SSL Certificates
TLS and SSL certificates are a great way to hunt advanced adversaries. Collect them with Splunk Stream, Bro, or Suricata and hunt in your own data!
Splunk Named a Leader in Gartner SIEM Magic Quadrant for the Fifth Straight Year
Gartner's 2017 Magic Quadrant for Security Information and Event Management names Splunk a leader for the fifth straight year
What’s Cyber Security Week like for Splunk? it-sa gold!
Two gold awards and a successful it-sa event - that's how Splunk does Cyber Security Week!
What You Need to Know About Boss of the SOC
We introduced a new security activity at .conf2016 called “Boss of the SOC” (or BOTS), born from our belief that learning can be both realistic and fun.
The GDPR: Ready for the wakeup call from your Data Privacy Officer?
How machine data can help organisations prepare for GDPR and support their compliance programmes
What hygiene has to do with security: Infosec17 Recap
In a wrap up of Infosecurity Europe 2017, Matthias Maier shares the topics, trends and big win of the week.
Splunk and Tensorflow for Security: Catching the Fraudster with Behavior Biometrics
Raising the barrier for fraudsters and attackers: how to leverage Splunk and Deep Learning frameworks to discover Behavior Biometrics patterns within user activities
Punycode phishers - All you need to know
Unicode domains can be used for homograph attacks. Learn what they are and how users can be tricked.
Assigning Role Based Permissions in Splunk Enterprise Security
Learn how to add a new role in Enterprise Security and apply capabilities to it
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
Connect with Splunk on Instagram
Follow @Splunk
