Splunk

Splunk SOAR Feature Video: Install/Update Apps

Jul 27, 2021 By Splunk In Splunk

A common task on the Splunk SOAR platform is installing a new app, or updating existing apps. Apps extend the Splunk SOAR platform by integrating third-party security products and tools. We currently offer more than 350 premade apps that are accessible right now.

View Video

Splunk

Read more about Splunk SOAR Feature Video: Install/Update Apps

Detecting SeriousSAM CVE-2021-36934 With Splunk

Jul 27, 2021 By Splunk Threat Research Team In Splunk

SeriousSAM or CVE-2021-36934 is a Privilege Escalation Vulnerability, which allows overly permissive Access Control Lists (ACLs) that provide low privileged users read access to privileged system files including the Security Accounts Manager (SAM) database. The SAM database stores users' encrypted passwords in a Windows system. According to the Microsoft advisory, this issue affects Windows 10 1809 and above as well as certain versions of Server 2019.

Read Post

Splunk

Read more about Detecting SeriousSAM CVE-2021-36934 With Splunk

Onboarding Data in Splunk Security Analytics for AWS

Jul 26, 2021 By Splunk In Splunk

Splunk Security Analytics for AWS’ new data onboarding wizard quickly takes you from subscribing to the service to visualizing your AWS environment. We’ll walk through the wizard in this video, and you’ll see how the new process can save you hours, days or even weeks when compared to traditional data onboarding processes.

View Video

Splunk

Read more about Onboarding Data in Splunk Security Analytics for AWS

Get Started with Splunk for Security: Splunk Security Essentials

Jul 23, 2021 By Amy Heng In Splunk

Continuing to ride the waves of Summer of Security and the launch of Splunk Security Cloud, Splunk Security Essentials is now part of the Splunk security portfolio and fully supported with an active Splunk Cloud or Splunk Enterprise license. No matter how you choose to deploy Splunk, you can apply prescriptive guidance and deploy pre-built detections from Splunk Security Essentials to Splunk Enterprise, Splunk Cloud Platform, Splunk SIEM and Splunk SOAR solutions.

Read Post

Splunk

Read more about Get Started with Splunk for Security: Splunk Security Essentials

Detecting Trickbot with Splunk

Jul 21, 2021 By Splunk Threat Research Team In Splunk

The Splunk Threat Research Team has assessed several samples of Trickbot, a popular crimeware carrier that allows malicious actors to deliver multiple types of payloads.

Read Post

Splunk

Read more about Detecting Trickbot with Splunk

Demystifying the Hype Around XDR

Jul 15, 2021 By Jane Wong In Splunk

Extended Detection and Response (XDR) has generated a lot of buzz recently with press, analysts, and even customers. There’s no denying that, at face value, its promise of reduced complexity and cost while increasing detection and response is alluring. As security teams look to modernize their security tooling, they’re also looking for solutions to some of their largest challenges. Is XDR the answer? What is XDR, exactly, and how do you determine if it’s right for your organization?

Read Post

Splunk

Read more about Demystifying the Hype Around XDR

Five Questions Your Organization Must Ask to Prepare For a Ransomware Attack

Jul 12, 2021 By Yassir Abousselham In Splunk

Since last week, I’ve been speaking with Splunk customers and our own team about the cyberattacks impacting the Kaseya software platform. While Splunk was not impacted by the ransomware attack, as a security leader we want to help the industry by providing tools, guidance and support. It’s critical that we work together as a community to counter cybersecurity threats and share information about events like these.

Read Post

Splunk

Read more about Five Questions Your Organization Must Ask to Prepare For a Ransomware Attack

What's New with Splunk Enterprise Security 6.6?

Jul 9, 2021 By Marquis Montgomery In Splunk

We are super excited to announce updates to Splunk Enterprise Security (ES) with our latest 6.6 release. Get ready for the latest and greatest that Splunk Enterprise Security has to offer. Let's dive right into it.

Read Post

Splunk

Read more about What's New with Splunk Enterprise Security 6.6?

Splunk Named a Leader in the 2021 Gartner SIEM Magic Quadrant for the Eighth Time

Jul 6, 2021 By Eric Schou In Splunk

Splunk was named a Leader for the eighth consecutive time this week in the Gartner Magic Quadrant for Security Information and Event Management (SIEM)*. In our opinion, this recognition marks one of the longest running recognitions in the history of the SIEM market. The recognition comes on the heels of Splunk also being ranked No.

Read Post

Splunk

Read more about Splunk Named a Leader in the 2021 Gartner SIEM Magic Quadrant for the Eighth Time

Kaseya, Sera. What REvil Shall Encrypt, Shall Encrypt

Jul 5, 2021 By Ryan Kovar In Splunk

When Splunk told me we would have a “breach holiday” theme for the summer, I didn’t think it would be quite so on the nose… For those of you who have been working on this Kaseya REvil Ransomware incident over the weekend, I salute you. We’ve been doing the same. As usual, my team here at Splunk likes to make sure that we have some actionable material before posting a blog, and this time is no different.

Read Post

Splunk

Read more about Kaseya, Sera. What REvil Shall Encrypt, Shall Encrypt

Subscribe to Splunk

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Splunk

Splunk SOAR Feature Video: Install/Update Apps

Detecting SeriousSAM CVE-2021-36934 With Splunk

Onboarding Data in Splunk Security Analytics for AWS

Get Started with Splunk for Security: Splunk Security Essentials

Detecting Trickbot with Splunk

Demystifying the Hype Around XDR

Five Questions Your Organization Must Ask to Prepare For a Ransomware Attack

What's New with Splunk Enterprise Security 6.6?

Splunk Named a Leader in the 2021 Gartner SIEM Magic Quadrant for the Eighth Time

Kaseya, Sera. What REvil Shall Encrypt, Shall Encrypt

Monthly Archive

Follow Us