Splunk Security Content for Threat Detection & Response: January Recap

Security Splunk Threat Research Team

In January, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security Content Update (ESCU) app (v5.20). With this release, there are 5 new analytic stories and 25 new analytics now available in Splunk Enterprise Security via the ESCU application update process.

Content Highlights Include:

Watch a Demo: Defending Against npm Supply Chain Attacks: A Practical Guide to Detection, Emulation, and Analysis

For all our tools and security content, please visit research.splunk.com.

Related Articles

Security Staff Picks To Read This Month, Handpicked by Splunk Experts
Security
2 Minute Read

Security Staff Picks To Read This Month, Handpicked by Splunk Experts

Our Splunk security experts share their favorite reads of the month so you can follow the most interesting, news-worthy, and innovative stories coming from the wide world of cybersecurity.
Using Splunk to Detect Abuse of AWS Permanent and Temporary Credentials
Security
7 Minute Read

Using Splunk to Detect Abuse of AWS Permanent and Temporary Credentials

In this blog, the Splunk threat research team shows how to detect suspicious activity and possible abuse of AWS Permanent and Temporary credentials.
Q&A Follow-Up: How Datev uses MITRE ATT&CK & Splunk in its SOC
Security
2 Minute Read

Q&A Follow-Up: How Datev uses MITRE ATT&CK & Splunk in its SOC

Following our webinar with Datev on how they use MITRE ATT&CK & Splunk in its SOC, we compiled all of the questions left unanswered in this blog post. Read all of it here,