Splunk Security Content for Threat Detection & Response: October Recap

Security Splunk Threat Research Team

In October, the Splunk Threat Research Team had 2 releases of new security content via the Enterprise Security Content Update (ESCU) app (v5.16, v5.17). With these releases, there are 37 new analytics and 11 new analytic stories now available in Splunk Enterprise Security via the ESCU application update process.

Content highlights include:

For all our tools and security content, please visit research.splunk.com.

Related Articles

ATT&CK-ing the Adversary: Episode 3 – Operationalizing ATT&CK with Splunk
Security
4 Minute Read

ATT&CK-ing the Adversary: Episode 3 – Operationalizing ATT&CK with Splunk

In the final episode in the MITRE ATT&CK trilogy, we focus on applying what we learned and operationalizing it with ATT&CK to assist our security operations
Predicting Cyber Fraud Through Real-World Events: Insights from Domain Registration Trends
Security
12 Minute Read

Predicting Cyber Fraud Through Real-World Events: Insights from Domain Registration Trends

By analyzing new domain registrations around major real-world events, researchers show how fraud campaigns take shape early, helping defenders spot threats before scams surface.
Q&A Follow-Up: How Datev uses MITRE ATT&CK & Splunk in its SOC
Security
2 Minute Read

Q&A Follow-Up: How Datev uses MITRE ATT&CK & Splunk in its SOC

Following our webinar with Datev on how they use MITRE ATT&CK & Splunk in its SOC, we compiled all of the questions left unanswered in this blog post. Read all of it here,