Skip to main content
shared header v2
Push Down Banner V1 Analytics Patch, remove after implementing V2 (S9 or S10)
Global nav V2 patch, remove after adding the mobile languages fix in the codebase (S7 or S8)

SURGe Security Research Team

Research to reinforce the blue team

SURGe by Splunk logo

Expertise to help solve security problems

The SURGe team focuses on in-depth analysis of the latest cybersecurity news and finding answers to security problems. All of this is delivered to you in the form of research, rapid response guides, suggested reading and events.


Analysis of ransomware binaries Analysis of ransomware binaries

Evaluating CA Trustworthiness

SURGe analyzed more than five billion TLS certificates to find out if the Certificate Authorities we rely on are really worthy of our trust. 

Read the Key Findings
Analysis of ransomware binaries Analysis of ransomware binaries

Analysis of ransomware binaries

SURGe tested 10 of the top ransomware variants to see how long you have until ransomware encrypts your system.

Read the White Paper
Macro-Level ATT&CK analysis Macro-Level ATT&CK analysis

Macro-Level ATT&CK analysis

SURGe combined annual threat reports to highlight adversary behavior via MITRE ATT&CK and help inform defensive planning.

Read the Results

Rapid response guides

Get early contextual awareness and initial response techniques for high-profile security events.

More from SURGe

bluenomicon image

Bluenomicon: The Network Defender’s Compendium

Step into the mystical realm of the Bluenomicon – a collection of essays penned by cybersecurity wizards.


The PEAK Threat Hunting Framework

Take your threat hunting program to a new level with the platform-agnostic hunting framework from SURGe.


The Security Detail

In this podcast, co-hosts Audra Streetman and Kirsty Paine interview security experts about the top threats that they’re seeing in their particular vertical.

surge blogs

SURGe blogs

Highlights on the latest SURGe research, cybersecurity insights and advice for making the most of Splunk Security

surge coffee talk

Coffee Talk with SURGe

Watch SURGe team members every Tuesday on LinkedIn or YouTube at 11am PT as they discuss the latest security news, tell a few bad jokes and interview other cybersecurity professionals.

Monthly security staff picks

A curation of industry articles, papers and presentations recommended by Splunk security experts.

security staff picks

Added security defenses

Building on rapid response guides, the Splunk Threat Research Team creates detection searches and Splunk SOAR playbooks (where applicable). Learn more about the Splunk Threat Research Team

Splunk threat research team logo

Related security products

Protect your business and elevate your security operations with a best-in-class data platform, advanced analytics and automated investigations and response.

attack-analyzer attack-analyzer

Splunk Attack Analyzer

Automatically detect and analyze the most complex credential phishing and malware threats.

View Product Details
enterprise-security enterprise-security

Splunk Enterprise Security

Turn data into doing by putting trust into an agile security analytics solution that moves at the speed of your business.

View Product Details

Splunk SOAR

Work smarter by automating repetitive security tasks, respond to incidents in seconds, and increase analyst productivity
and accuracy to better protect your business. 

View Product Details
Splunk Mission Control Splunk Mission Control

Splunk Mission Control

Detect, investigate and respond to threats from one modern and unified work surface. 

View Product Details
Splunk Security Essentials Splunk Security Essentials

Splunk Security Essentials

Extend the power of Splunk Cloud or Splunk Enterprise for enhanced, real-time security visibility and improved threat detection.

View Product Details
Splunk User Behavior Analytics Splunk User Behavior Analytics

Splunk User Behavior Analytics

Secure against unknown threats through user and entity behavior analytics.

View Product Details

SURGe Alerts

Sign up to receive notification of any new rapid response guides and quarterly newsletters.