Tag: Splunk Enterprise Security
Latest Articles
Threat Intel and Splunk Enterprise Security Part 1 - What’s The Point of Threat Intel in ES?
Find out how threat intelligence works with Splunk Enterprise Security
Catching the Coldroot RAT
Detect signs of the Mac Coldroot RAT malware in your environment with Splunk Enterprise Security Content Update (ESCU)
Dear Buttercup: The Security Letters
A blog series answering the questions of customers around the world about Splunk security products like Splunk Enterprise Security, Splunk Phantom, Splunk ESCU, Spunk UBA and more
Modifying the Incident Review Page
How to modify the Incident Review page and add information to Notable Events in Splunk Enterprise Security
ATT&CK-ing the Adversary: Episode 3 – Operationalizing ATT&CK with Splunk
In the final episode in the MITRE ATT&CK trilogy, we focus on applying what we learned and operationalizing it with ATT&CK to assist our security operations
ATT&CK-ing the Adversary: Episode 2 - Hunting with ATT&CK in Splunk
Using MITRE ATT&CK to focus your threat hunting in Splunk
Boss of the SOC Scoring Server, Questions and Answers, and Dataset! Open-Sourced and Ready for Download
We have open-sourced the Boss of the SOC dataset (ver1.0) and BOT(S|N) scoring server. They can be used to run your own CTF, perform research, or train your internal users!
Use Investigation Workbench to Reduce Time to Contain and Time to Remediate
The latest version of Splunk Enterprise Security v 5.0 introduces Investigation Workbench, which streamlines investigations and accelerates incident response
Detecting Typosquatting, Phishing, and Corporate Espionage with Enterprise Security Content Update
Splunk’s Enterprise Security Content Update (ESCU) app can provide you with early warnings and situational awareness—powerful elements of an effective defense against adversaries
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
