Tag: SURGe

Splunker David Bianco explains how an effective threat hunting program is one of the best ways to drive positive change across an organization’s entire security posture.

In this post, we’re going to look at something the PEAK framework refers to as the Hierarchy of Detection Outputs.

Splunker David Bianco provides an in-depth look at baseline hunts, also known as Exploratory Data Analysis (EDA) hunts.

Windows and endpoints go together like threat hunting and Splunk. Let's look at the most valuable Sysmon event codes for threat hunting in Splunk.

Curious about threat hunting in Splunk? Wanna brush up on your baddie-finding skills? Here's the place to find every one of our expert articles for hunting with Splunk.

DNS data is an all-too-common place for threats. Find out how to use Splunk to hunt for threats in your DNS. We will slay those DNS dragons.

In this blog post, we dive into our recent research project, in which the Splunk SURGe team analyzed more than five billion TLS certificates to find out if the CAs we rely on are really worthy of our trust.

Welcome to the third entry in our introduction to the PEAK Threat Hunting Framework! Taking our detective theme to the next level, imagine a tough case where you need to call in a specialized investigator. For these unique cases, we can use algorithmically-driven approaches called Model-Assisted Threat Hunting (M-ATH).

Satisfy internal and external compliance requirements using Splunk standard components.