Splunk Tech Talks
Deep-dives for technical practitioners.

Detections for Trickbots, Malicious PowerShell & DevSecOps

LesediK
Splunk Employee
Splunk Employee

View our Tech Talk: Security Edition, Detections for Trickbots, Malicious PowerShell, and DevSecOps 

 

(view in My Videos)


The Splunk Threat Research team provides additional context to emerging threats. We create in-product security content that you can use right out of the box in Splunk Enterprise Security and Splunk SOAR! During the last three months, we dived into understanding how adversaries use a variety of methods to get their hands on private data.

We learned how Trickbots, botnets, and webinjects work together in a cyber campaign. We explored how to use Script Block Logging to detect malicious powershell. And lastly, we looked into the typical development lifecycle to see how advanced threats infiltrate into software build pipelines, source code repositories, and container orchestrators.

Watch this webinar  to learn:

  • How Trickbots, botnets, and webinjects work together in a cyber campaign
  • How to detect malicious powershell with script block logging
  • How to develop detections for all phases of DevSecOps lifecycle
Contributors
Get Updates on the Splunk Community!

Best Practices: Splunk auto adjust pipeline queue

When you enable autoAdjustQueue in Splunk, maxSize should be understood as the queue size Splunk starts with ...

Laser Bananas and Edge Hubs: Exploring Operational Technology (OT) Data Through a ...

  OT is a different environment to traditional IT and can have interesting challenges when interfacing the ...

Event Series: Mastering AI Tokenomics and Splunk Agent Observability

Beyond the Black Box: Correlating AI Performance and Tokenomics with Splunk Agent Observability   As ...