Tag: SURGe
Latest Articles
CISA’s Known Exploited Vulnerabilities Catalog and Splunk
Accompanying today’s announcement from CISA (BOD 22-01) and their new Known Exploited Vulnerabilities Catalog, SURGe and Splunk Threat Research Team (STRT) have coordinated to add functionality into Enterprise Security Content Updates (ESCU). This added functionality will help network defenders understand vulnerability context alongside relevant ESCU detections.
High(er) Fidelity Software Supply Chain Attack Detection
Software supply chain attacks are not going away. As our network defenses improve, adversaries must move up the chain to stay a step ahead of our defenses.
SURGe: Blue Collar for the Blue Team
Splunk has a new security research team focused on in-depth analysis of the latest cybersecurity news to help the public navigate security incidents with confidence using Splunk.
No Regrets Using Autoregress
The autoregression command, which is a centralized streaming command, is used to calculate a moving average. Learn how to use this command to gather information, just in time for Boss of the SOC v6!
Go With the Flow - Network Telemetry (VPC Data) in AWS
This blog post describes how to use VPC data from AWS in Splunk to hunt hunt hunt!
CloudTrail - Digital Breadcrumbs for AWS
This blog post reviews AWS cloudtrail as a security logging source and how to hunt in it
November Spawned an Osquery
This blogs reviews how to hunt through osquery logs
I Azure You, This Will Be Useful
This blog post describes how to use Azure Active directory for basic hunting and discovery
The Future is Cloudy with a Chance of Microsoft Office 365
This blog reviews the data that comes out of Office365 and how to use it to hunt in Splunk.
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
Connect with Splunk on Instagram
Follow @Splunk
