Skip to main content
false
Splunk Blogs
Splunk Blogs
Splunk Blogs

Security Blogs
Security
3 Min Read

Fortify Digital Resilience with Splunk + Cisco Talos Incident Response
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
splunk-blogs-image

Latest Articles

Security 7 Min Read

Laying the Foundation for a Resilient Modern SOC
Splunk Security supports your journey to digital resilience by providing comprehensive security visibility to reduce business risk; equipping your team with risk-based threat detection, investigation, and response technologies to help you build a modern SOC; and fueling security innovation through Splunk’s vibrant community.
Security 8 Min Read

Unmasking the Enigma: A Historical Dive into the World of PlugX Malware
The Splunk Threat Research Team (STRT) unravels the mystery of a PlugX variant, peeling back the layers of its payload, tactics, and impact on the digital realm.
Security 6 Min Read

User Behavior Monitoring with M-21-31
OMB M-21-31 requires US Federal Civilian agencies to implement user behavior monitoring. We'll explain what that means and how to do it right.
Security 6 Min Read

Detecting Dubious Domains with Levenshtein, Shannon & URL Toolbox
Got some parsed fields that you're ready to analyze... possibly for threat hunting? We'll use Levenshtein, Shannon & URL Toolbox to show you how!
Security 10 Min Read

Take a SIP: A Refreshing Look at Subject Interface Packages
Splunker Michael Haag dives into Subject Interface Packages (SIPs) and their role in Windows security, exploring how SIPs can be exploited by malicious actors to bypass security measures and sign malicious code.
Security 3 Min Read

Parsing Domains with URL Toolbox (Just Like House Slytherin)
One of the most popular Splunk security apps of all time, URL Toolbox’s URL parsing capabilities have been leveraged by thousands. Full story here.
Security 2 Min Read

CIO Roundtable: Harnessing GenAI for Resilient Security and Observability – Insights and Strategies
Get insights from a recent roundtable discussion in collaboration with CIO magazine. The talk focused on the dual challenge faced by IT and security managers: mitigating risks associated with AI while leveraging AI to enhance organizational capability.
Security 3 Min Read

Splunk SOAR 6.2 Introduces New Automation Features, Workload Migration, and Firewall Integrations
Announcing the release of Splunk SOAR 6.2 with features like logic loops for playbooks, integrations with CyberArk, two new firewall apps, and a new conversion option for classic playbooks.
Security 3 Min Read

Staff Picks for Splunk Security Reading November 2023
Splunk security experts share their list of presentations, whitepapers, and customer case studies from November 2023 that they feel are worth a read.
Security 5 Min Read

Using eval to Calculate, Appraise, Classify, Estimate & Threat Hunt
This article discusses a foundational capability within Splunk — the eval command. Need to pick a couple commands for your desert island collection? eval should be one!
Security 4 Min Read

Using RegEx for Threat Hunting (It’s Not Gibberish, We Promise!)

Another excellent tool for your threat hunting: RegEx! SPL offers two commands for utilizing regular expressions in Splunk searches. See how to do it here.
Security 6 Min Read

Stat! 3 Must-Have Data Filtering Techniques
To hunt for threats, there's a lot of data you do NOT need. Here are the 3 must-have data filtering techniques so you can hunt those threats STAT!
Security 8 Min Read

Compliance Essentials for Splunk 2.1.0
Announcing the latest on Compliance Essentials for Splunk, an essential part of your toolkit to help your organization maintain and monitor your compliance status and cyber resiliency with various frameworks.
Security 5 Min Read

Enhance Security Resilience Through Splunk User Behavior Analytics VPN Models
This blog introduces new machine learning models in Splunk UBA for VPN connection monitoring to enhance WFH security resilience.
Security 10 Min Read

More Than Just a RAT: Unveiling NjRAT's MBR Wiping Capabilities
The Splunk Threat Research Team (STRT) provides a deep-dive analysis of NjRAT (or Bladabindi), a Remote Access Trojan (RAT) discovered in 2012 that's still active today.
Security 5 Min Read

Detect WS_FTP Server Exploitation with Splunk Attack Range
The Splunk Threat Research Team shares how they used Splunk Attack Range to develop detection content related to CVE-2023-40044.
Security 4 Min Read

Staff Picks for Splunk Security Reading October 2023
Splunk security experts share their list of presentations, whitepapers, and customer case studies from October 2023 that they feel are worth a read.
Security 3 Min Read

Educating the Next Generation of Cyber Defenders
Splunk's Eric Fusilero emphasizes the need for cyber defender education and aligns with the National Cyber Workforce Strategy, offering training and scholarships.
CONTACT SPLUNK
CONTACT SPLUNK
USER REVIEWS
USER REVIEWS
SPLUNK MOBILE
Download Splunk Mobile on the apple app store
Download Splunk Mobile on the Google Play store
Legal
Patents
Privacy
Sitemap
Website Terms of Use

© 2005 - 2024 Splunk LLC All rights reserved.