Tag: SURGe

Latest Articles

Security 5 Min Read

Add to Chrome? - Part 2: How We Did Our Research

SURGe explores the analysis pipeline in more detail and digs into the two main phases of this research – how the team collected the data and how they analyzed it.
Security 4 Min Read

Add to Chrome? - Part 1: An Analysis of Chrome Browser Extension Security

An overview of SURGe research that analyzed the entire corpus of public browser extensions available on the Google Chrome Web Store.
Security 11 Min Read

Hypothesis-Driven Cryptominer Hunting with PEAK

A sample hypothesis-driven hunt, using SURGe's PEAK threat hunting framework, looking for unauthorized cryptominers.
Security 6 Min Read

Old School vs. New School

The Splunk SURGe team examines the claim that generative AI will empower threat actors to improve the scale and/or efficiency of their spear-phishing campaigns.
Security 5 Min Read

SOC Models: In-House, Out-Sourced, or Hybrid SOC?

Splunk's Kirsty Paine shares best practices from a roundtable held at Gartner Security & Risk Management Summit 2023.
Security 6 Min Read

Detecting Dubious Domains with Levenshtein, Shannon & URL Toolbox

Got some parsed fields that you're ready to analyze... possibly for threat hunting? We'll use Levenshtein, Shannon & URL Toolbox to show you how!
Security 3 Min Read

Parsing Domains with URL Toolbox (Just Like House Slytherin)

One of the most popular Splunk security apps of all time, URL Toolbox’s URL parsing capabilities have been leveraged by thousands. Full story here.
Security 5 Min Read

Using eval to Calculate, Appraise, Classify, Estimate & Threat Hunt

This article discusses a foundational capability within Splunk — the eval command. Need to pick a couple commands for your desert island collection? eval should be one!
Security 4 Min Read

Using RegEx for Threat Hunting (It’s Not Gibberish, We Promise!)

Another excellent tool for your threat hunting: RegEx! SPL offers two commands for utilizing regular expressions in Splunk searches. See how to do it here.