false
Splunk Blogs
Splunk Blogs
Splunk Blogs

Tag: Security Research

Latest Articles

Security 2 Min Read

No Regrets Using Autoregress
The autoregression command, which is a centralized streaming command, is used to calculate a moving average. Learn how to use this command to gather information, just in time for Boss of the SOC v6!
Security 15 Min Read

Active Directory Discovery Detection: Threat Research Release, September 2021

In this blog post, we’ll walk you through this analytic story, demonstrate how we can simulate these attacks using PoshC2 & PurpleSharp to then collect and analyze the resulting telemetry to test our detections.
Security 4 Min Read

PowerShell Detections — Threat Research Release, August 2021
Adversaries are using PowerShell attacks, but luckily the Splunk Threat Research Team (STRT) has developed PowerShell analytics for Splunk by using the Splunk Attack Range to collect the generated logs, and hunt for suspicious PowerShell.
.conf & .conf Go 6 Min Read

Security at .conf21 Virtual: Analytics-Fueled, Automation-Driven and Cloud-Delivered
Explore the .conf21 Security Track with track chair John Dominguez as he outlines his favorite security sessions and what you should earmark for .conf this year.
Security 4 Min Read

Partner Spotlight: NCU-ISAO Members Gain Actionable Intelligence with TruSTAR
We recently spoke with Brian Hinze, NCU-ISAO Vice President, Member Services and Operations, to learn more about why NCU-ISAO chose TruSTAR for intelligence management, and how member organizations are using TruSTAR for information sharing and collaboration.
Security 2 Min Read

What Do Organizations Value Most in a SIEM/Security Analytics Provider? In a Word: Actionability
According to 451 Research’s Voice of the Enterprise survey data, 64% say integration and correlation of threat intelligence is very important when selecting a SIEM vendor. Learn where Splunk Enterprise Security can give you actionable insights.
Security 3 Min Read

Hunting for Detections in Attack Data with Machine Learning
Learn how to leverage the real-world and simulated attack data that Splunk's Threat Research team collected to use machine learning to discover attack activity and identify how to transform insights into detections.
Security 5 Min Read

Conti Threat Research Update and Detections
In this blog, the Splunk Threat Research team will show you how to use Splunk Attack Range to simulate cyber attacks from the Conti Ransomware group. It will also have pre-built detections that you can use to detect them in your environment.
Security 4 Min Read

Detecting SeriousSAM CVE-2021-36934 With Splunk
SeriousSAM or CVE-2021-36934 is a Privilege Escalation Vulnerability. The Splunk Threat Research team recommends performing an assessment to better understand the impact of this vulnerability in corporate environments.
CONTACT SPLUNK
CONTACT SPLUNK
USER REVIEWS
USER REVIEWS
SPLUNK MOBILE
Download Splunk Mobile on the apple app store
Download Splunk Mobile on the Google Play store
Legal
Patents
Privacy
Sitemap
Website Terms of Use

© 2005 - 2024 Splunk LLC All rights reserved.