Product News & Announcements
All the latest news and announcements about Splunk products. Subscribe and never miss an update!

Enterprise Security Content Update (ESCU) | New Releases

TyneDarke
Splunk Employee
Splunk Employee

In July, the Splunk Threat Research Team had 3 releases of new security content via the Enterprise Security Content Update (ESCU) app (v4.35.0, v4.36.0 and v.37.0). With these releases, there are 36 new analytics, 6 new analytic stories, 6 updated analytics, and 20 updated analytic stories now available in Splunk Enterprise Security via the ESCU application update process.

Content highlights include:

  • The new AcidPour analytic story includes content to help detect and investigate activity that might relate to AcidPour Wiper malware. To learn more about this malware and the content in the related analytic story, check out this blog.
  • The new Gozi Malware analytic story covers the detection and analysis of Gozi malware (also known as Ursnif or ISFB), one of the oldest and most persistent banking trojans.
  • The new ShrinkLocker analytic story includes detections related to ShrinkLocker, a new ransomware that uses Windows BitLocker to encrypt files by creating new boot partitions.

New Analytics (36)

New Analytic Stories (6)

Updated Analytics (6)

Updated Analytic Stories (20)

The team also published the following blogs:

For all our tools and security content, please visit research.splunk.com.

— The Splunk Threat Research Team

Get Updates on the Splunk Community!

Splunk Edge Processor | Popular Use Cases to Get Started with Edge Processor

Splunk Edge Processor offers more efficient, flexible data transformation – helping you reduce noise, control ...

3 Ways to Make OpenTelemetry Even Better

My role as an Observability Specialist at Splunk provides me with the opportunity to work with customers of ...

What's New in Splunk Cloud Platform 9.2.2406?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.2.2406 with many ...