Welcome to Splunk Security Content

See What Is New! - Latest Update: v4.44.0
Detections

1799 Splunk Detections built to find evil.

Analytic Stories

266 Analytic Stories to address use cases.

Playbooks

76 Automated playbook responses.


Enable your SOC with proven detections

This project gives you access to our repository of Analytic Stories: security guides that provide background on TTPs and are mapped to the MITRE framework, the Lockheed Martin Kill Chain, and CIS controls. They include Splunk searches, machine-learning algorithms, and Splunk SOAR playbooks (where available), all designed to work together to detect, investigate, and respond to threats.

Sources of Data

Detections by Platforms

Detection Coverage MITRE ATT&CK

A snapshot in time of the techniques we currently have some detection coverage for. The darker the shade of blue, the more detections we have for that technique.

We Value Your Feedback!

Help us improve! Please take a moment to share your thoughts on our website.


Questions?

Please use the GitHub issue tracker to submit bugs or request features.

If you have questions or need support, you can:

Contribute Content

If you want to help the rest of the security community by sharing your own detections, see our contributor guide for more information on how to get involved!