Security Blogs

Welcome to the January Splunk staff picks blog – a curated list of presentations, whitepapers, and customer case studies that Splunk security experts feel are worth a read.

In response to CVE-2024-23897, the Splunk Threat Research Team has developed new security detections and hunting queries to support defenders.

In response to CVE-2023-22527, the Splunk Threat Research Team has developed new security detections to support defenders.

The Splunk Threat Research Team has swiftly developed Splunk analytics and hunting queries, helping defenders quickly adapt and respond to emerging threats CVE-2023-46804 and CVE-2024-21887.

A sample hypothesis-driven hunt, using SURGe's PEAK threat hunting framework, looking for unauthorized cryptominers.

Splunk is excited about AI, but we're keeping our boots on the ground as we partner with customers to leverage AI to improve efficiency while continuing the essentials via Splunk’s platform.

The Splunk Threat Research Team (STRT) provides a deep dive analysis of the DarkGate malware and its use of AutoIt.

Splunk introduces ShellSweep, a suite of utilities designed to detect and combat malicious web shells in servers.

Discover insights from the Splunk Threat Research Team on Microsoft 365 threat detection, focusing on data source analysis and effective methods for hunting initial access threats.