soar Featured SOAR Enrichment: Powershell Encoded Commands Splunk SOAR helps you as a security analyst focus on what's essential, security, by taking away time wasted on tasks that could easily be automated.
Featured Splunk ES: Risk Notable Urgency In Splunk Enterprise Security, the Urgency levels for the out-of-the-box Risk notables will not be assigned correctly. Add this simple solution to fix it.
Featured Splunk RBA: Dynamic MITRE ATT&CK Annotations How to dynamically add MITRE ATT&CK annotations from an existing data source to use with Splunk RBA.
Splunk Apps/Add-ons Featured Introducing SA-AwsAssets for Splunk Enterprise Security Introducing SA-AwsAssets for Splunk Enterprise Security. Quickly populate your asset database with data from AWS.
Featured Splunking Canarytokens Canarytokens are a free, quick, painless way to help defenders discover they've been breached (by having attackers announce themselves). This data can be ingested into Splunk for additional analysis.
Splunk Apps/Add-ons Featured Introducing SA-SentinelOneDevices for Splunk Enterprise Security Introducing SA-SentinelOneDevices for Splunk Enterprise Security. Quickly populate your asset database with data from SentinelOne.
Splunk Apps/Add-ons Featured Introducing SA-CrowdstrikeDevices for Splunk Enterprise Security Introducing SA-CrowdstrikeDevices for Splunk Enterprise Security. Quickly populate your asset database with data from CrowdStrike.