February 2023 | Check out the latest and greatest
Splunk Enterprise Security 7.1 Now Available
The recent Splunk Enterprise Security (ES) 7.1 release helps tackle slow detection times, lack of context around security incidents, and inefficient implementation and execution of incident response flows. Learn more in this blog, and watch our demos on threat topology and MITRE ATT&CK framework features.
The .conf23 Call for Proposals is Open!
If you’re thinking of submitting a Call for Speakers proposal, be sure to start here, with our .conf23 Call for Speakers Webinar. You’ll get tips, tricks and recommendations to help you prepare your .conf submission, directly from the .conf23 Review Committee and our speaker coach. You’ll learn:
- How to write a strong .conf title and abstract
- This year’s topics and themes to include in your learning objectives and overall submission
- Practical advice to help your .conf submission stand out and get you ready for a breakout stage
New Detections from the Splunk Threat Research Team
The Splunk Threat Research Team (STRT) has had two releases of security content, which provide you with 18 new detections and 3 new analytic stories. The new security content is available via the ESCU application update process or via Splunk Security Essentials (SSE).
The Splunk Threat Research Team has also published the following blogs to help you stay ahead of threats:
- All the Proxy(Not)Shells
- From Registry With Love: Malware Registry Abuses
- Introducing Splunk Attack Range v3.0
Using MITRE ATT&CK in Splunk Security Essentials
The Splunk Security Essentials (SSE) app allows you to use the ATT&CK framework for a wide array of use cases and to answer a wide range of questions. Learn more in this blog.
Splunk App for PCI Compliance
We recently released version 5.1 of the Splunk App for PCI Compliance to help solve financial compliance use cases by capturing, monitoring, and reporting on relevant data from any source to quickly investigate and resolve compliance issues. Learn more about the Splunk App for PCI Compliance here.
Splunk at Hackers on the Hill
SURGe team member Mick Baccio recently attended Hackers on the Hill to hear from policy makers and experts on technology-related issues and get an overview on the National Cybersecurity Strategy. Learn more about his time at the event in this blog.
Purple Teaming to Enhance Detection Engineering
Splunk Threat Research Team member Mauricio Velazco recently presented on a SANS Ask the Expert session highlighting the benefits of purple teaming and how the Splunk Attack Range can be used for purple teaming and detection development. Watch the recording here.
Splunk Data Security Predictions 2023
If you missed SURGe team members Ryan Kovar and Mick Baccio presenting on the Splunk Data Security Predictions 2023 report live, be sure to check out the recording. The full report is available for Download here.
This month we’re excited to announce the relaunch of the Splunk Success Framework, a comprehensive resource for Splunk program managers to create best-practice processes for Splunk implementation. This comprehensive framework has been updated to include a brand-new Fundamentals section, improved navigation, and fresh tips from Splunk experts.
The four functional areas covered in the framework include program management, people management, platform management, and data lifecycle management. The best practices in the framework are flexible and modular, allowing you to tailor them to your organization's unique requirements.
Check out the Splunk Success Framework today, and please let us know what you think!
Education Corner
Splunk Training for All
Meet Aspiring Cybersecurity Analyst, Marc Alicea
Splunk is expanding learning opportunities and lowering the barriers to entry for anyone, anywhere so learners can grow their careers and global organizations can find qualified candidates to fill the critical skills gap. This profile tells Marc’s story, an aspiring cybersecurity analyst, who completed 25 of our free, self-paced training courses on his journey to become a Splunk Core Certified User. It’s a real life depiction about one more learner who greatly benefited from our catalog of free Splunk Education courses available to anyone looking to grow their career and feel more confident navigating this highly-technical world.
There’s a Hero in All of Us!
It’s time to envision the adventures you can have with more Splunk skills under your (utility) belt. It’s the Power of Splunk Education. How can data help you save the day? Watch.
The Power of Splunk Education
Talk to Splunk Product Design
Our product design team is currently looking for Splunk users to talk to about their experiences with Splunk products. Sign up here to participate in upcoming studies and shape the future of our products and roadmaps!
Tech Talk: DevOps Edition
Synthetic Monitoring: Not your Grandma’s Polyester!
Seriously. We won’t pepper you with sales and marketing stuff; we’ll jump in and keep it technical! Join Splunk and TekStream on Tuesday, February 28 at 11am PT/2pm ET for a demonstration of Splunk Synthetic Monitoring with real-world examples!
Until Next Month,
Happy Splunking!
