Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Videos

SecOps In Seconds: Creating Response Templates in Splunk Mission Control

Streamline your workflows by improving SOC process adherence when you codify your operating procedures into pre-defined templates. Use Splunk Mission Control to speed up investigations with pre-built response templates that include embedded searches, actions, and playbooks to empower security analysts. Model your response plans based on pre-built templates that can be used for security use cases such as “Encoded PowerShell Response”, “Insider Threat” or “Ransomware”. Or build your own templates based on your established processes that are scattered across systems to finally achieve repeatable security operations. This allows you to close the gap between your Splunk ES detections and rapid incident response.

Coffee Talk with SURGe: 2023-APR-18 NSO Group, LockBit macOS Encryptors, AI in CTI, MSFT Taxonomy

Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: Mick and Ryan competed in a 60 second charity challenge about how generative artificial intelligence could be used in cyber threat intelligence, with proceeds benefiting the ACLU. The trio also discussed Microsoft's new threat actor naming taxonomy and the role of attribution in cyber threat intelligence.

Splunk SOAR Playbooks - Dynamic Identifier Reputation Analysis (Part 1)

The Dynamic Identifier Reputation Analysis playbook is an essential tool for any security operations center (SOC) team looking for a comprehensive view of their environment’s threat landscape. By leveraging MITRE DEFEND's approach for dynamic identifier reputation analysis, SOC teams can quickly identify potential threats and vulnerabilities and take proactive steps towards mitigating risk before it causes damage.

Splunk SOAR Playbooks - Dynamic Identifier Reputation Analysis (Part 2)

The Dynamic Identifier Reputation Analysis playbook is an essential tool for any security operations center (SOC) team looking for a comprehensive view of their environment’s threat landscape. By leveraging MITRE DEFEND's approach for dynamic identifier reputation analysis, SOC teams can quickly identify potential threats and vulnerabilities and take proactive steps towards mitigating risk before it causes damage.

Coffee Talk with SURGe: The Interview Series featuring Michael Haag

Coffee Talk with SURGe: The Interview Series featuring Michael Haag Join Coffee Talk with SURGe for our bi-weekly interview series. This week, Audra Streetman interviews Michael Haag, Senior Threat Researcher at Splunk. They'll discuss his YouTube show, Atomics on a Friday, along with the Living off the Land Drivers project, which aims to consolidate vulnerable and malicious drivers into a centralized location.

Coffee Talk with SURGe: 2023-APR-04 3CX Supply Chain Compromise, Medical Device SBOMs, ChatGPT

Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: Audra and Mick competed in a 60 second charity challenge on whether or not they see artificial intelligence reaching singularity, with proceeds benefiting DataEthics4All. The trio wrapped up with a deep dive into the RESTRICT ACT and proposed TikTok ban in the United States.

Coffee Talk with SURGe: The Interview Series featuring Allan Liska

Join Coffee Talk with SURGe for our bi-weekly interview series. This week, SURGe member Shannon Davis interviews Allan Liska, threat intelligence analyst at Recorded Future and author of Ransomware: Understand. Prevent. Recover. They'll talk about the threat of ransomware, including recent trends, the impact of hack-back operations, and how organizations can become more resilient against attacks.

Coffee Talk with SURGe: Oakland Ransomware Attack, BreachForums, Acropalypse Vulnerability, GPT-4

Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: Mick and Ryan shared their takes on responding to 0day vulnerabilities and the trio also discussed GPT-4 and the future of generative AI.

SOCtails - Unify Security Operations with Splunk Mission Control

Security teams constantly pivot between multiple tools and management consoles in order to detect, investigate, and respond to security incidents. It's time-consuming and complex. And it's Kevin's personal nightmare. Jeff shows Kevin how to unify his security operations across detection, investigation and response using Splunk Mission Control.

Unify Your Security Operations with Splunk Mission Control

Splunk Mission Control brings order to the chaos of your security operations by enabling your SOC to detect, investigate and respond to threats from one modern and unified work surface. Watch this 5 minute demo video to learn how Mission Control unifies your security operations experience across Splunk’s industry-leading security technologies and partner ecosystem in one work surface. The demo use case focuses on how an analyst detects, investigates and responds to an encoded PowerShell attack.