The SOC just got more powerful. Splunk Enterprise Security 8.4 is here, featuring the General Availability of ES Premier, Detection Studio for AWS cloud, and native Cisco Talos intelligence integration. Learn how these updates streamline detection engineering and reduce alert fatigue with Finding-based Detections.

A breakdown of the new structure for building finding-based detections in Splunk Enterprise Security, as well as a review of the features added in the past few releases.

Discover how new SPL2 pipeline templates are helping customers unlock the full power of Splunk.Learn how to easily streamline your data pipelines and optimize your approach to security and observability.

Enterprise Security (ES) Essentials 8.3 is here, with new capabilities to help analysts focus on critical threats, work faster, and build better detections. See the most important alerts first in a streamlined Analyst Queue, accelerate investigations with the AI Assistant, and gain more control over detection creation and tuning. Plus, join the Detection Studio Alpha to help shape the future of detection engineering.

At Splunk, your product success is our top priority. With Enterprise Security (ES), we're here to help you accelerate security outcomes, reduce risk, and build lasting resilience for your organization. As you may already know, Enterprise Security 7.3 will reach end of support on February 28, 2026. After this date, we will no longer be able to provide technical support, bug fixes, or security updates for this version. 

We are thrilled to continue our journey into a new era for Splunk ES as the AI-Powered SecOp platform, building a unified threat detection, investigation, and response workflow. The new ES 8.3 release has a slew of product enhancements, which you can see in action here. 

We are pleased to announce the general availability of Splunk Enterprise Security 8.1. Splunk becomes the only vendor to bring truly unified threat detection, investigation, and response (TDIR) workflows fueled by automation to both customer managed deplo

In April, the Splunk Threat Research Team had 2 releases of new security content via the Enterprise Security Content Update (ESCU) app (v5.3.0 and v5.4.0). With these releases, there are 42 new analytics and 14 new analytic stories now available in Splunk Enterprise Security via the ESCU application update process.

In March, the Splunk Threat Research Team had two releases of new security content via the Enterprise Security Content Update (ESCU) app. Check out this post for the full details!

In January, the Splunk Threat Research Team had one release of new security content via the Splunk ES Content Update (ESCU) app. In addition to new security content, this release introduces ESCU 5.0, which delivers several new exciting enhancements designed to help further security operations. Check out this post for more details!

A few months ago, we released Splunk Enterprise Security 8.0 for our cloud customers. Today, we are excited to announce that Splunk Enterprise Security 8.0 is available now for our on-premise customers!

In December, the Splunk Threat Research Team had one release of new security content via the Enterprise Security Content Update (ESCU) app. Check out this post for the full details!

Correct detection engineering is crucial to make sure your Splunk Enterprise Security instance is giving you full visibility on the threat events happening in your network. 

Some times we will find ourselves troubleshooting on why a detections wasn't triggered. Here is the first of a series of blogs talking about my own experience. 

In November, the Splunk Threat Research Team had one release of new security content via the Enterprise Security Content Update (ESCU) app. Check out this post for the full details!

In October, the Splunk Threat Research Team had one release of new security content via the Enterprise Security Content Update (ESCU) app. Check out this post for the full details!

In September, the Splunk Threat Research Team had 2 releases of new security content via the Enterprise Security Content Update (ESCU) app. Check out this post for the full details!

In August, the Splunk Threat Research Team had 3 releases of new security content via the Enterprise Security Content Update (ESCU) app. Check out this post for the full details!

In July, the Splunk Threat Research Team had three releases of new security content via the Enterprise Security Content Update (ESCU) app. Read on for the details!

In June, the Splunk Threat Research Team had two releases of new security content via the Enterprise Security Content Update (ESCU) app. Read on for the details!

Last month, the Splunk Threat Research Team had two releases of new security content via the Enterprise Security Content Update (ESCU) app. Read on for the details!

We’re happy to share the release of Splunk App for PCI Compliance 5.3.1!

We’re happy to share the release of Splunk Security Essentials 3.8.0, which includes new and updated capabilities to help organizations mature their security programs even faster.

Last month, the Splunk Threat Research Team had 2 releases of new security content via the Enterprise Security Content Update (ESCU) app. Read on for the details!

Last month, the Splunk Threat Research Team had 5 releases of new security content via the Enterprise Security Content Update (ESCU) app. Read on for the details!

In the last month, the Splunk Threat Research Team has had 2 releases of new security content via the Enterprise Security Content Update (ESCU) app (v4.17.0 and v4.18.0). Read on for the details!

In our latest release of Splunk Enterprise Security 7.3, we are excited to introduce capabilities that deliver a refined analyst experience and enhanced risk context for seamless incident triage.

In the last month, the Splunk Threat Research Team (STRT) has had 2 releases of new security content via the Enterprise Security Content Update (ESCU) app (v4.15.0 and v4.16.0). 

Our November updates from the Splunk Security Team are here. Updates include Splunk Threat Research Team updates, New Apps and Add-Ons, the latest for SURGe  and more.. 

Here are the latest webinars, workshops, events and more from the Splunk Public Sector Team!