Splunk® Security Content

Release Notes

Acrobat logo Download manual as PDF


This documentation does not apply to the most recent version of ESSOC. Click here for the latest version.
Acrobat logo Download topic as PDF

What's New

Enterprise Security Content Updates v3.17.0 was released on March 16, 2021. It includes the following enhancements.

New stories include the following:

  • Windows Discovery Techniques

New detections include the following:

  • Detect Exchange Webshell

Updated analytic stories include the following:

  • Sunburst Malware ( now called NOBELIUM Group)

Updated detections include the following:

  • Ryuk Wake On Lan Command
  • Any Powershell DownloadFile
  • Cobalt Strike Named Pipes
  • Suspicious Curl Network Connection
  • Detect Mimikatz Using Loaded Images
  • W3wp Spawning Shell
Last modified on 24 March, 2021
  NEXT
Fixed Issues

This documentation applies to the following versions of Splunk® Security Content: 3.17.0


Was this documentation topic helpful?

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters