What's new
Enterprise Security Content Updates v4.15.0 was released on November 2, 2023. It includes the following enhancements:
New analytic stories
New analytics
Updated analytics
- Windows Admin Permission Discovery
- Confluence CVE-2023-22515 Trigger Vulnerability
- Confluence Data Center and Server Privilege Escalation
Other Updates
Migrated to GitLab as the primary DevSecOps platform to better integrate ESCU testing with other Splunk products such as Enterprise Security. Splunk Security Content is also available on Github as an open source for Splunk customers and other open-source contributors.
Updated Gitlab CI pipelines to integrate code Content Control (contentctl), which is an innovative application that streamlines the Splunk Security Content creation lifecycle through the validation of YAML files, building the ESCU application, testing detection against attack data, and facilitating automatic deployment to Splunk servers. For a comprehensive understanding and further information, refer to the contentctl readme section.
What's in Splunk Security Content |
This documentation applies to the following versions of Splunk® Security Content: 4.15.0
Feedback submitted, thanks!