Splunk

splunk

Between Two Alerts: Phishing Emails - Less Ocean, More Aquarium

When we discuss Splunk Phantom with customers here at Splunk, we end up talking about phishing pretty frequently. As discussed in a recent blog post, "Phishing Emails — Don’t Get Reeled In!," phishing is a very common issue that almost everyone deals with ad nauseam. It’s also a nuisance to investigate. The good news is that automation excels at repetitive, mind-numbing workflows like phishing investigations.


Painting with Data: Choropleth SVG

With the release of the Splunk Enterprise Dashboards Beta version 0.5.2 comes an exciting new feature that I’m sure many people will find useful: Choropleth SVG Objects. What are Choropleth SVG Objects? Put simply, they let you paint with data. To help you get started with the current iteration of this feature, I’m writing a blog to show you just how easy it is to use and create fully custom SVG objects.


Derbyshire Fire & Rescue Service: Fighting cybersecurity fires with Splunk

Everyone at Splunk is very proud of the amazing things that our customers and partners do with their data. It is always extra special when one of those organisations is really doing good and looking after us all in our daily lives. I’m delighted to share one of those stories from the Derbyshire Fire & Rescue Service (DFRS), which is using Splunk as its data-driven SIEM.


Splunk Security Essentials 3.1: Enhanced MITRE ATT&CK Matrix: Find the Content that Matters the Most to You, Faster

One of the great things about developing for Splunk Security Essentials is that most of the features and capabilities are requested from customers and the security community. In this latest release (3.1), we added a feature that has been requested frequently: the ability to filter the ATT&CK Matrix for Cloud and SaaS Techniques. The MITRE ATT&CK Framework consists of multiple matrices such as Enterprise, Mobile, and ICS.


What's New in the Splunk Machine Learning Toolkit 5.2?

We're excited to announce that the Splunk Machine Learning Toolkit (MLTK) version 5.2 is available for download today on Splunkbase! Earlier this month, I discussed how the release of version 5.2 will make machine learning more accessible to more users. Splunk’s MLTK lets our customers apply machine learning to the data they're already capturing in Splunk, develop models, and operationalize these algorithms to glean new insights and make more informed decisions.


Approaching Kubernetes Security - Detecting Kubernetes Scan with Splunk

The Kubernetes framework has become the leading orchestration platform. Originally developed by Google, Kubernetes is a "platform for automating deployment, scaling, and operations of application containers across clusters of hosts"*. The Kubernetes platform is offered by all major cloud providers as a tool for orchestrating, automating and provisioning applications, as well as purpose-built computing clusters and services.