Splunk Security Content for Threat Detection & Response: January Recap

Security Splunk Threat Research Team

In January, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security Content Update (ESCU) app (v5.20). With this release, there are 5 new analytic stories and 25 new analytics now available in Splunk Enterprise Security via the ESCU application update process.

Content Highlights Include:

Watch a Demo: Defending Against npm Supply Chain Attacks: A Practical Guide to Detection, Emulation, and Analysis

For all our tools and security content, please visit research.splunk.com.

Related Articles

Detecting Clop Ransomware
Security
5 Minute Read

Detecting Clop Ransomware

As ransomware campaigns continue, malicious actors introduce different modus operandi to target their victims. In this blog, we’ll be taking a look at the Clop ransomware. This crimeware was discovered in 2019 and is said to be used for an attack that demanded one of the highest ransom amounts in recorded history.
Australia Is Investing in Resilience – Are Businesses Ready?
Security
3 Minute Read

Australia Is Investing in Resilience – Are Businesses Ready?

Splunker Craig Bates explains why the most immediate — and underestimated — consequence of disruption isn’t always data loss. It’s downtime.
Threat Intel and Splunk Enterprise Security Part 2 - Adding Local Intel to Enterprise Security
Security
4 Minute Read

Threat Intel and Splunk Enterprise Security Part 2 - Adding Local Intel to Enterprise Security

Splunker John Stoner shares a walkthrough for how to add local threat intelligence into Splunk Enterprise Security