Tag: Splunk Enterprise Security
Latest Articles
Using Splunk to Detect Abuse of AWS Permanent and Temporary Credentials
In this blog, the Splunk threat research team shows how to detect suspicious activity and possible abuse of AWS Permanent and Temporary credentials.
Integrating COVID (or Any) Threat Indicators with MISP and Splunk Enterprise Security
Integrating MISP servers with Enterprise Security's Threat Intelligence framework
Asset & Identity for Splunk Enterprise Security - Part 3: Empowering Analysts with More Attributes in Notables
This is part three in a three part series on the Asset & Identity framework in Splunk Enterprise Security, focusing providing additional visibility and context to analysts with a notable event.
Asset & Identity for Splunk Enterprise Security - Part 2: Adding Additional Attributes to Assets
This is part two in a three part series on the Asset & Identity framework in Splunk Enterprise Security, focusing on adding additional field or attributes to further contextualize systems being monitored.
Between Two Alerts: Easy VPN Security Monitoring with Splunk Enterprise Security
It’s a whole new world we’re living in, at least for now. This little tutorial will help you stay on top of your security game while in the world of Enterprise Security.
Asset & Identity for Splunk Enterprise Security - Part 1: Contextualizing Systems
This is part one in a three part series on the Asset & Identity framework in Splunk Enterprise Security, focusing on gaining context on systems being monitored.
Use Cloud Infrastructure Data Model to Detect Container Implantation (MITRE T1525)
Using cloud infrastructure data model to detect possible container implantation (Mitre Cloud Matrix technique T1525)
Boss of the SOC v3 Dataset Released!
The tradition continues! We are happy to announce that the Boss of the SOC (BOTS) v3 dataset has been released under an open-source license and is available for download.
Stitching Notables Together with Event Sequencing
Event Sequencing can take multiple notable events that are created from correlation searches and present them to the analysts as a set of linked notable events and help prioritize response when these chain of events occur.
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
Connect with Splunk on Instagram
Follow @Splunk
