Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Splunk

LNK or Swim: Analysis & Simulation of Recent LNK Phishing

LNK (shortcut) files are a common starting point for many phishing campaigns. Threat actors abuse the unique properties of LNK files to deceive users and evade detection and prevention countermeasures, making them potent tools for compromising systems and networks. In this blog, we'll provide an in-depth analysis of recent LNK phishing campaigns, examining the tactics, techniques, and procedures (TTPs) employed by threat actors.

Reduce False Alerts - Automatically!

Analysts rely on User and Entity Behavior Analytics (UEBA) tools to track anomalies, investigate incidents, and respond to cybersecurity threats. However, the varying nature of user and entity behaviors across different organizations means that predetermined thresholds often fail to account for unique baselines. Even within the same environment, temporal variations can cause significant differences in monitoring signals.

Introducing the SIEM of the Future: Splunk Enterprise Security 8.0

It’s been an exciting year for Splunk Enterprise Security! In May, we celebrated being recognized as a Leader ten times in a row in the 2024 Gartner Magic Quadrant for SIEM. We’re not stopping there. We’re excited to introduce the SIEM of the Future to keep the momentum going. Splunk Enterprise Security 8.0 is available now in a private preview.

UEBA Superpowers: Simplify Incident Investigations to Increase SOC Efficiency

In an era marked by an increasing volume and sophistication of cyber threats, the efficiency of your SOC operations has become more important than ever. SOCs are flooded by a daily barrage of attacks and alerts, with a significant portion being false positives, leading to alert fatigue and the potential for genuine threats to slip through the cracks.

Splunk SOAR Playbook of the Month: Splunk Attack Analyzer Dynamic Analysis

Alert triage can be a very cumbersome and time consuming process for SOC teams. Our recent State of Security report found that 26% of respondents agree that the volume of alerts they deal with makes it difficult to keep up with addressing emergencies. While tools like virtual sandboxes can help analysts better test and understand the severity of the threats they encounter, the process of testing and documenting results can add further tedium to an already prolonged process.

Splunk Named a Leader in the Gartner Magic Quadrant for SIEM

Splunk has been named a Leader in the 2024 Gartner Magic Quadrant for Security Information and Event Management (SIEM), which is the tenth consecutive time for Splunk in the Leaders Quadrant. We are incredibly honored to receive this recognition and are grateful to our customers and partner community for making this recognition possible.

Splunk User Behavior Analytics (UBA) 5.4 Delivers FIPS Compliance and Advanced Anomaly Detection

Splunk’s latest User Behavior Analytics (UBA) product update, version 5.4.0, brings enhancements and new features designed to streamline operations and improve threat detection accuracy. Let’s see what’s new!