Security Blogs
Security
3 Min Read
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
Latest Articles
Enhancing SIEM Events with Automated Threat Analysis of URLs
Splunk debuts Add-on & App for Splunk Attack Analyzer v1.1, elevating security ops via automated URL threat analysis in Splunk ES.
Detecting New Domains in Splunk (Finding New Evil)
Ready to find "new" domains that may be naughty? We'll walk you through how to use Splunk & Splunk Enterprise Security to do that: get the full story here!
Under the Hood of SnakeKeylogger: Analyzing its Loader and its Tactics, Techniques, and Procedures
In this blog, the Splunk Threat Research Team provides valuable insights to enable security analysts and blue teamers to defend and be aware of these scam tactics.
Security Insights: JetBrains TeamCity CVE-2024-27198 and CVE-2024-27199
The Splunk Threat Research Team examines exploit operations, analytics, hunting queries, and tips on capturing TeamCity logs.
Add To Chrome? - Part 4: Threat Hunting in 3-Dimensions: M-ATH in the Chrome Web Store
SURGe experiments with a method to find masquerading using M-ATH with Splunk and the DSDL App.
Detect Money Laundering, Healthcare Fraud, and Unemployment Fraud with the New Version of the Splunk App for Fraud Analytics
Detect money laundering, healthcare fraud, and unemployment fraud with Splunk App Fraud Analytics 1.2.4.
Staff Picks for Splunk Security Reading February 2024
The Splunk security team shares a curated list of presentations, whitepapers, and customer case studies they feel are worth a read.
Beyond Logs: Navigating Entity Behavior in Splunk Platform
Master internal threat detection with Splunk's anomaly detection, finding events like unusual geolocations and spikes in activity, while optimizing security.
Unveiling Phemedrone Stealer: Threat Analysis and Detections
The Splunk Threat Research Team dissects the Phemedrone Stealer.
Add to Chrome? - Part 3: Findings and Recommendations
SURGe explores findings and general recommendations on whether or not you should click 'Add to Chrome' the next time you find a fancy new extension.
Add to Chrome? - Part 2: How We Did Our Research
SURGe explores the analysis pipeline in more detail and digs into the two main phases of this research – how the team collected the data and how they analyzed it.
Are You Forensic Ready?
In the landscape of everyday operations, the concept of forensic readiness may often linger unnoticed in the background.
Hunting M365 Invaders: Navigating the Shadows of Midnight Blizzard
The Splunk Threat Research Team outlines the attack chain detailed in the Microsoft blog, offering practical detection and hunting tips for cybersecurity defenders.
Supercharge Cybersecurity Investigations with Splunk and Graphistry: A Powerful Combination for Interactive Graph Exploration
In this blog post, we'll dive deeper into how combining Splunk and Graphistry can help you unlock new capabilities for your cybersecurity investigations and gain better resilience for your organization.
Building Large-Scale User Behavior Analytics: Data Validation and Model Monitoring
Splunk's Cui Lin explores fundamental techniques to validate data volume and monitor models to understand the size of your own UBA clusters.
Add to Chrome? - Part 1: An Analysis of Chrome Browser Extension Security
An overview of SURGe research that analyzed the entire corpus of public browser extensions available on the Google Chrome Web Store.
Another Year of RATs and Trojan Stealer: Detection Commonalities and Summary
The Splunk Threat Research Team shares analysis, analytic stories and security detections for seven well-known RAT and Trojan Stealer malware families.
How Tech Executives Can Support Gender Diverse Cyber Talent
The number of unfilled cybersecurity roles creates a perfect opportunity for leaders to attract female talent at their organizations.
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
