Splunk Security Content for Threat Detection & Response: February Recap

Security Splunk Threat Research Team

In February, the Splunk Threat Research Team (STRT) had 2 releases of new security content via the Enterprise Security Content Update (ESCU) app (v5.21 and v5.22). With this release, there are 9 new analytic stories and 14 new analytics now available in Splunk Enterprise Security via the ESCU application update process.

Content Highlights Include:

For all our tools and security content, please visit research.splunk.com.

Related Articles

Using Splunk Attack Range to Test and Detect Data Destruction (ATT&CK 1485)
Security
2 Minute Read

Using Splunk Attack Range to Test and Detect Data Destruction (ATT&CK 1485)

Using Splunk Attack Range to test and detect Data Destruction techniques
Using Splunk to Detect Sunburst Backdoor
Security
8 Minute Read

Using Splunk to Detect Sunburst Backdoor

The Sunburst Backdoor threat truly burst on the scene as a send off for 2020. The good news is that the Splunk Security team has produced detections you can run in Splunk Enterprise Security to help you protect your environment from this sophisticated threat.
TruSTAR Enclave: Not Your Grandpa’s 'Trusted Circle'
Security
4 Minute Read

TruSTAR Enclave: Not Your Grandpa’s 'Trusted Circle'

TruSTAR’s Enclave technology is the most advanced cloud-based governance engine for enterprise cyber intelligence – read on to discover how it has evolved to meet the needs of integration, automation and intelligence sharing.