Tag: Security Research
Latest Articles
Security at .conf21 Virtual: Analytics-Fueled, Automation-Driven and Cloud-Delivered
Explore the .conf21 Security Track with track chair John Dominguez as he outlines his favorite security sessions and what you should earmark for .conf this year.
Partner Spotlight: NCU-ISAO Members Gain Actionable Intelligence with TruSTAR
We recently spoke with Brian Hinze, NCU-ISAO Vice President, Member Services and Operations, to learn more about why NCU-ISAO chose TruSTAR for intelligence management, and how member organizations are using TruSTAR for information sharing and collaboration.
What Do Organizations Value Most in a SIEM/Security Analytics Provider? In a Word: Actionability
According to 451 Research’s Voice of the Enterprise survey data, 64% say integration and correlation of threat intelligence is very important when selecting a SIEM vendor. Learn where Splunk Enterprise Security can give you actionable insights.
Hunting for Detections in Attack Data with Machine Learning
Learn how to leverage the real-world and simulated attack data that Splunk's Threat Research team collected to use machine learning to discover attack activity and identify how to transform insights into detections.
Conti Threat Research Update and Detections
In this blog, the Splunk Threat Research team will show you how to use Splunk Attack Range to simulate cyber attacks from the Conti Ransomware group. It will also have pre-built detections that you can use to detect them in your environment.
Detecting SeriousSAM CVE-2021-36934 With Splunk
SeriousSAM or CVE-2021-36934 is a Privilege Escalation Vulnerability. The Splunk Threat Research team recommends performing an assessment to better understand the impact of this vulnerability in corporate environments.
Get Started with Splunk for Security: Splunk Security Essentials
Splunk Security Essentials (SSE) is now part of the Splunk security portfolio and fully supported with an active Splunk Cloud or Splunk Enterprise license. Start using SSE and apply prescriptive guidance and deploy pre-built security detections in your Splunk environment.
Detecting Trickbot with Splunk
The Splunk Threat Research Team has assessed several samples of Trickbot, a popular crimeware carrier that allows malicious actors to deliver multiple types of payloads. Use our pre-built Splunk detections to detect Trickbots.
Ransomware Groundhog Day: Elevating Your Program in a High-Threat Environment
REvil attackers exploited Kaseya, a highly trusted management software. Here's how security leaders can take actionable steps to improve your business's defenses.
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
