Security Blogs
Security
3 Min Read
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
Latest Articles
Splunk User Behavior Analytics (UBA) 5.4 Delivers FIPS Compliance and Advanced Anomaly Detection
Splunker Fernando Jorge walks us through enhancements and new features in the latest User Behavior Analytics (UBA) product update, version 5.4.0.
Building At-Scale User Behavior Analytics for Splunk UBA: Enhance Performance of Account & Device Exfiltration Models
Splunkers Ania Kacewicz, Cui Lin and Che-Lun Tsao discuss how the scalability performance of Account and Device Exfiltration models can be achieved in UBA V5.4.0.
Hunting M365 Invaders: Dissecting Email Collection Techniques
The Splunk Threat Research Team describes various methods attackers may leverage to monitor mailboxes, how to simulate them and how teams can detect them using Splunk’s out-of-the-box security content.
Elevating Security: The Growing Importance of Open Cybersecurity Schema Framework (OCSF)
Splunker Paul Agbabian shares what's new in the Open Cybersecurity Schema Framework (OCSF) and how profiles can augment the natural structure of event classes and categories.
Explore the AI Frontier in Splunk’s State of Security 2024
Splunk's State of Security 2024: The Race to Harness AI report reveals the insights, aspirations, and challenges of security leaders.
How To Start Threat Hunting: The Beginner's Guide
Ready to hunt threats? Starting a hunt in a new data environment? This is the place to begin! We've got you covered in this threat hunting 101 tutorial.
Staff Picks for Splunk Security Reading April 2024
Splunk security experts share their list of presentations, whitepapers, and customer case studies from April 2024 that they feel are worth a read.
Detecting & Hunting Named Pipes: A Splunk Tutorial
Named pipes can be threats, too. In this comprehensive article, we are going to talk about detecting, hunting and investigating named pipes.
From Water to Wine: An Analysis of WINELOADER
In this blog post we'll look closely at the WINELOADER backdoor and how Splunk can be used to detect and respond to this threat.
Splunk SOAR Playbook of the Month: Cisco Umbrella DNS Denylisting
Cisco and Splunk can help users achieve more comprehensive security with a playbook that combines the power of Cisco Umbrella and Splunk SOAR.
Splunk at RSAC 2024: Powering the SOC of the Future
Visit Splunk at RSAC 2024 and see how we can help you evolve to the SOC of the future.
UEBA Superpowers: Enhance Security Visibility with Rich Insights to Take Rapid Action Against Threats
Splunk UBA illuminates hidden corners of your org's digital ecosystem, providing unparalleled visibility into behaviors and patterns that define the network's pulse.
Detecting Lateral Movement with Splunk: How To Spot the Signs
Identifying lateral movement is so important, and it sure isn't easy. Using Splunk makes it a lot easier, and we'll show you how in this tutorial.
Staff Picks for Splunk Security Reading March 2024
Welcome to the March 2024 Splunk staff picks, featuring a curated list of presentations, whitepapers, and customer case studies that we feel are worth a read.
UEBA Superpowers: Detect and Eliminate Advanced Threats with Machine Learning
Splunk User Behavior Analytics (UBA) detects advanced attacks and insider threats with unsupervised machine learning.
Level Up Your Security Data Journey and MITRE ATT&CK Benchmarking with Splunk Security Essentials
Announcing the release of Splunk Security Essentials version 3.8.0, which adds maturity journey and benchmarking.
Process Hunting with PSTree
This tutorial shows how to use the pstree command & app to help you look through all the processes you have to investigate.
Elevating Security Intelligence with Splunk UBA's Machine Learning Models
Splunk UBA uses machine learning to detect evolving threats beyond rule-based approaches in SOC operations, tackling overwhelming event volumes.
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
