Splunk Security Content

Splunk Threat Reasearch Team (STRT)

We help security teams around the globe strengthen operations by providing tactical guidance and insights to detect, investigate and respond against the latest threats.

Linux Sudo OR Su Execution

Sudo and Sudo Caching, Abuse Elevation Control Mechanism

Linux Sudoers Tmp File Creation

Sudo and Sudo Caching, Abuse Elevation Control Mechanism

Linux Common Process For Elevation Control

Setuid and Setgid, Abuse Elevation Control Mechanism

Linux Preload Hijack Library Calls

Dynamic Linker Hijacking, Hijack Execution Flow

Linux File Created In Kernel Driver Directory

Kernel Modules and Extensions, Boot or Logon Autostart Execution