Detecting Remote Code Executions With the Splunk Threat Research Team
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark Topic
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content

Remote code execution (RCE) vulnerabilities pose a significant risk to organizations. If exploited, they allow attackers to easily execute arbitrary code on affected systems without authentication — and open the door to use additional tactics and techniques to cause further harm.
To support defenders against these attacks, the Splunk Threat Research Team regularly creates new out-of-the-box security content for use in Splunk Enterprise Security. Join this Tech Talk to learn more from Michael Haag, Principal Threat Researcher, who will provide:
- An overview of the latest security content the team has developed to defend against RCEs
- Best practices for implementing and using this content
- A walkthrough of the detection engineering process the Splunk Threat Research Team follows to create security content for defending against CVEs
Watch the full Tech Talk here:
- Chapters
- descriptions off, selected
- captions settings, opens captions settings dialog
- captions off, selected
- en (Main), selected
This is a modal window.
Beginning of dialog window. Escape will cancel and close the window.
End of dialog window.
This is a modal window. This modal can be closed by pressing the Escape key or activating the close button.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.