Tag: SURGe

Latest Articles

Security 6 Min Read

Go With the Flow - Network Telemetry (VPC Data) in AWS

This blog post describes how to use VPC data from AWS in Splunk to hunt hunt hunt!
Security 5 Min Read

CloudTrail - Digital Breadcrumbs for AWS

This blog post reviews AWS CloudTrail as a security logging source and shows how to hunt in it.
Security 4 Min Read

November Spawned an Osquery

This blog post reviews how to hunt through osquery logs.
Security 3 Min Read

I Azure You, This Will Be Useful

This blog post describes how to use Azure Active Directory logs for basic hunting and discovery.
Security 3 Min Read

The Future is Cloudy with a Chance of Microsoft Office 365

This blog post reviews the data that comes out of Office 365 and how to use it to hunt in Splunk.
Security 5 Min Read

I Have a Fever, and the Only Cure for It Is More Feedback

A how-to on feeding the findings from hunting back into security operations.
Security 4 Min Read

Being Your Own Detective with SA-Investigator

This post in the Back to Basics Hunting series with Splunk discusses how to use the new SA-Investigator add-on for Enterprise Security to dig deep into your data models and find the evil lurking within.
Security 4 Min Read

Tall Tales of Hunting with TLS/SSL Certificates

TLS and SSL certificates are a great way to hunt advanced adversaries. Collect them with Splunk Stream, Bro, or Suricata and hunt in your own data!