
Security Highlights | January 2023 Newsletter

LesediK
Splunk Employee


January 2023


Splunk Security Essentials (SSE) 3.7.0 Release

The free Splunk Security Essentials (SSE) 3.7.0 app was released in early December and includes some great new updates:

  • The ability to push MITRE ATT&CK and Cyber Kill Chain attributions to the ES Incident Review Dashboard
  • Metrics and visualization on how many data sources are enabled from corresponding originating apps
  • The ability to search for content using free text in Content Mapping

Learn more about these new updates and more in our blog, and download SSE to get started today.


Tech Talks: Security Edition | Now On Demand

 

Machine Learning in Security

 


Splunk customer Saudi Aramco recently presented on how their organization uses the analytical power of Splunk to hunt for cyber and insider threats and how they also utilize the Splunk Machine Learning Toolkit (MLTK) for novelty and outlier detection. View the recording here.

 

Fusing Intelligence into Splunk SOAR

 


Watch this session to learn how Splunk® Intelligence Management ingests, normalizes and prioritizes intelligence from over 70 sources to simplify Splunk® SOAR playbooks. Watch Now

 


Essential Guide to Risk-based Alerting

 


This new guide shows how risk-based alerting in Splunk Enterprise Security can reduce the number of overall alerts while increasing the fidelity of alerts that do arise. Download your copy here, and watch this video to see a demo of how to work with risk-based alerts in Splunk Enterprise Security.

 


Detections & Analytics from the Splunk Threat Research Team

The Splunk Threat Research Team (STRT) has had three recent releases of security content in the Enterprise Security Content Update (ESCU) app, with the most recent being v3.55.0. These releases delivered 29 new detections and 6 new analytic stories, which are all available in Splunk Enterprise Security via the ESCU application update process or via Splunk Security Essentials (SSE).

The Splunk Threat Research Team has also published the following blogs to help you stay ahead of threats:


Splunk Data Security Predictions 2023

Splunk security experts have provided their take on the threats and strategies that will define 2023. Download your copy here and register to join SURGe team members Ryan Kovar and Mick Baccio for the webinar Staying Cyber Resilient in 2023.

 


Splunk Named a Leader for SIEM and Security Analytics Platforms

Splunk is proud to have been named a leader in two recent analyst reports. Read more and download the reports from our blogs:

 


Finding Value in Macro-level ATT&CK Reporting

Knowing that security teams are feeling overwhelmed by the increasing number of attacks on their network, SURGe (Splunk’s strategic cybersecurity research team) recently analyzed three years of macro-level ATT&CK trends across public and private data sources to gain insight into what attackers are doing and to help inform defensive planning. Read the blog to learn more about this research.

 


Explore the Splunk SOAR Adoption Maturity Model

We recently created an in-depth white paper to help SOC teams lay out a security orchestration, automation and response (SOAR) maturity journey using the SOAR Adoption Maturity Model. Read the blog or download the white paper to learn more.

 


Cloud Customers

Add your “Security Contact” Today for Cybersecurity-based “Data Breach” Legal Notices

We work hard to protect your data. In the event of a data breach incident, we need to act fast and be confident we’re communicating with the right people. Good news: we’re making it easy for you to add and manage this through our new “Security Contact” feature. Please take a few minutes to add one or more individual emails or email aliases as your Security Contact(s) through the Customer Portal. Learn more here.

 


Talk to Splunk Product Design

Our product design team is currently looking for Splunk users to talk to about their experiences with Splunk products. Sign up here to participate in upcoming studies and shape the future of our products and roadmaps!

 

 


Lantern

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data insights, key use cases, and tips on managing Splunk more efficiently. We also host Getting Started Guides for a range of Splunk products, Product Tips, and Data Descriptor articles.

This month we’re sharing a swathe of new articles written by fantastic Splunk partners. We’re also requesting help from Splunkers and partners to help us write articles on a range of hot topics requested by Splunk customers. If you’re a Splunker or partner with expertise to share, we’d love to hear from you! 

Read on to find out more.

 


Education

Register for a FREE Certification Exam, Now in Beta

Are you ready to validate your knowledge of all-things-Observability? Then you’ll be happy to know that we have a New Splunk Certification: Splunk O11y Cloud Certified Metrics User. Registration for this new Certification exam is open NOW in beta. 

As a beta, this exam is FREE for all candidates, is a bit longer, and the results are valid for those who pass, but the results will not be available until May or June.

If you feel ready and qualified for the challenge, practice for the exam using the test blueprint and register for a free exam appointment. All the details can be found on the Splunk Registration Page on the website.

 

Until Next Month,

Happy Splunking!
