The Hacker News

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

Splunk issued security updates for a critical CVSS 9.8 vulnerability in Splunk Enterprise that allows unauthenticated remote ...
GitHub

Guscyrus-cyber/Splunk_SQL_Injection_lab

This lab focused on detecting, monitoring, analyzing, and investigating SQL injection attack activity using Splunk Enterprise within a simulated SOC environment. A custom web attack dataset containing ...
LinkedIn

How to stop SQL Server attacks with Splunk

SQL Server: Not just a database. It's also a launchpad for attackers. Learn from the Splunk Threat Research Team how adversaries exploit built-in features for code execution and persistence — and, ...
LinkedIn

Mental Transitions from SQL to Splunk: Office Buildings vs Public Libraries

I came to Splunk from the relational world last year (December 2016), and let me tell you, translating directly from SQL code to SPL will screw you up nearly every time. There are many things that are ...