Splunk Tech Talks
Deep-dives for technical practitioners.

Detections for Trickbots, Malicious PowerShell & DevSecOps

LesediK
Splunk Employee
Splunk Employee

View our Tech Talk: Security Edition, Detections for Trickbots, Malicious PowerShell, and DevSecOps 

 



The Splunk Threat Research team provides additional context to emerging threats. We create in-product security content that you can use right out of the box in Splunk Enterprise Security and Splunk SOAR! During the last three months, we dived into understanding how adversaries use a variety of methods to get their hands on private data.

We learned how Trickbots, botnets, and webinjects work together in a cyber campaign. We explored how to use Script Block Logging to detect malicious powershell. And lastly, we looked into the typical development lifecycle to see how advanced threats infiltrate into software build pipelines, source code repositories, and container orchestrators.

Watch this webinar  to learn:

  • How Trickbots, botnets, and webinjects work together in a cyber campaign
  • How to detect malicious powershell with script block logging
  • How to develop detections for all phases of DevSecOps lifecycle
Get Updates on the Splunk Community!

3 Ways to Make OpenTelemetry Even Better

My role as an Observability Specialist at Splunk provides me with the opportunity to work with customers of ...

What's New in Splunk Cloud Platform 9.2.2406?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.2.2406 with many ...

Enterprise Security Content Update (ESCU) | New Releases

In August, the Splunk Threat Research Team had 3 releases of new security content via the Enterprise Security ...