Skip to main content
false
Splunk Blogs
Splunk Blogs
Splunk Blogs

Tag: Splunk Enterprise Security

Latest Articles

Security 1 Min Read

Threat Hunter Intelligence Report

Welcome to Splunk’s Threat Hunter Intelligence Report, a monthly series brought to you by Splunk’s threat hunting and intelligence (THI) team sharing the latest cybersecurity threats and trends to help organizations stay one step ahead of adversaries, one report at a time.
Security 3 Min Read

Find the Fingerprints and Traces of Threats with Splunk at RSAC 2021
Splunk's heading to RSAC 2021, are you? Take a peak at our upcoming sessions and don't forget to tune into our CEO Doug Merritt's keynote when he takes the RSAC main stage.
Security 10 Min Read

SUPERNOVA Redux, with a Generous Portion of Masquerading
A review of the Pulse Secure attack where the threat actor connected to the network via a the Pulse Secure virtual private network (VPN), moved laterally to its SolarWinds Orion server, installed the SUPERNOVA malware, and collected credentials, all while masquerading the procdump.exe file and renamed it as splunklogger.exe.
Security 11 Min Read

Monitoring Pulse Connect Secure With Splunk (CISA Emergency Directive 21-03)
Our Splunk security experts share a closer look at the Pulse Connect Secure attack, including a breakdown of what happened, how to detect it, and MITRE ATT&CK mappings.
Security 8 Min Read

Elevate Your Cloud Security Posture with Splunk and Google Cloud
It’s more critical than ever to secure your company data and protect your workloads in the cloud. This blog post is a roundup of latest technical resources and product capabilities by both Google Cloud & Splunk to enhance your threat prevention, detection, and response techniques, regardless of where you are in your business-transforming cloud journey.
Security 4 Min Read

Advanced Link Analysis: Part 2 - Implementing Link Analysis
Learn how to step-by-step process to building the dashboard with Sigbay Link Analysis visualization app from scratch.
Security 3 Min Read

Detecting AWS IAM Privilege Escalation
The Splunk Threat Research team develops security research to help SOC analysts detect adversaries attempting to escalate their privileges and gain elevated access to AWS resources. Learn how we simulate these attacks using Atomic Red Team, collect and analyze the AWS cloudtrail logs, and utilize pre-packaged Splunk detections to detect these threats.
Platform 1 Min Read

Bringing You Context-Driven, In-Product Guidance
Splunk is providing in-product guidance right at your fingertips to help you accomplish your goals without navigating away from the product. Learn more in this blog post.
Security 5 Min Read

Visual Link Analysis with Splunk: Part 3 - Tying Up Loose Ends
Using Splunk for Link Analysis part 3, addressing loose ends with visual link analysis.
CONTACT SPLUNK
CONTACT SPLUNK
USER REVIEWS
USER REVIEWS
SPLUNK MOBILE
Download Splunk Mobile on the apple app store
Download Splunk Mobile on the Google Play store
Legal
Patents
Privacy
Sitemap
Website Terms of Use

© 2005 - 2024 Splunk Inc. All rights reserved.