The Splunk Threat Research Team is a team of industry-recognized experts who are encouraged to improve the security industry by sharing their work with the community via conference talks, open-source projects, and white papers or blogs. We play an active part in a customer’s overall defense strategy by enhancing Splunk security offerings with verified research and security content such as use cases, detection analytics, and automation playbooks.

Our Mission

Our mission is to help security teams around the globe strengthen their operations by providing tactical guidance and insights on how to detect, investigate and respond to the latest threats.

How We Do It

The Splunk Threat Research Team focuses on understanding how threats, actors, and vulnerabilities work. The team replicates attacks, which are stored as datasets in the Attack Data repository.

📺 Here is a short video on our approach to research.