View our Tech Talk: Security Edition, Detections for Trickbots, Malicious PowerShell, and DevSecOps
The Splunk Threat Research team provides additional context to emerging threats. We create in-product security content that you can use right out of the box in Splunk Enterprise Security and Splunk SOAR! During the last three months, we dived into understanding how adversaries use a variety of methods to get their hands on private data.
We learned how Trickbots, botnets, and webinjects work together in a cyber campaign. We explored how to use Script Block Logging to detect malicious powershell. And lastly, we looked into the typical development lifecycle to see how advanced threats infiltrate into software build pipelines, source code repositories, and container orchestrators.
Watch this webinar to learn:
- How Trickbots, botnets, and webinjects work together in a cyber campaign
- How to detect malicious powershell with script block logging
- How to develop detections for all phases of DevSecOps lifecycle