Tag: Splunk Enterprise Security
Latest Articles

Partners
2 Minute Read
2022…The Year You Become Cyber Resilient with Deloitte and Splunk
Splunk Enterprise Security helps power MXDR by Deloitte with continuous intelligence, threat detection, and comprehensive visibility across IT and Operational Technology assets. These capabilities enable MXDR to protect customers anywhere they do business, whether on-prem, hybrid, cloud or multi-cloud environments.

Security
2 Minute Read
Introducing Synthetic Adversarial Log Objects (SALO)
Synthetic Adversarial Log Objects (SALO) is a framework for generating log events without the infrastructure or actions that would normally be needed to produce them. Learn more about its purpose and how you can use it.

Industries
2 Minute Read
Securing DoD Systems — A Look at SOAR
Congress again reinforces the importance of interoperability and automated orchestration of cybersecurity systems.

Security
3 Minute Read
Refined User Experience, New Executive Visibility, and Enhanced Cloud Monitoring with Splunk Enterprise Security 7.0
Check out the latest Security Analytics enhancements to Splunk Enterprise Security with our latest 7.0 release.

Security
9 Minute Read
Detecting Malware Script Loaders using Remcos: Threat Research Release December 2021
Start detection against behaviors and TTPs from a Remcos loader that utilizes DynamicWrapperX (dynwrapx.dll) to execute shellcode and inject Remcos RAT into the target process.

Security
13 Minute Read
Simulating, Detecting, and Responding to Log4Shell with Splunk
Splunk Threat Research Team simulated the Log4j vulnerabilities in the Splunk Attack Range. Using the data collected, we developed 13 new detections and 9 playbooks to help Splunk SOAR customers investigate and respond to this threat.

Security
9 Minute Read
Log4Shell - Detecting Log4j Vulnerability (CVE-2021-44228) Continued
Good news: you can use Splunk to proactively hunt across network traffic and DNS query log data sources to detect potential Log4Shell exploitation. From Splunk SURGe, learn even more detections against CVE-2021-44228.

Partners
2 Minute Read
Monitor Salesforce’s Real-Time Events with Splunk
The new Splunk integration with Salesforce's Real-Time Event Monitoring (RTEM) enables customers to track security concerns such as failed logins, suspicious login-as activities and high-risk permission modifications. Find out more in this blog.

Security
4 Minute Read
High(er) Fidelity Software Supply Chain Attack Detection
Software supply chain attacks are not going away. As our network defenses improve, adversaries must move up the chain to stay a step ahead of our defenses.