Watch Now

Who Should Attend: Splunk Administrators, Security Analysts, SOC Managers

Trickbot is a very popular crimeware carrier associated with recent ransomware campaigns. It is a trojan that has gained popularity from being effective at infecting and propagating botnets – one of the main financial drivers of cyber criminal groups. The effectiveness of trickbot crimeware comes from its stealthiness and versatility in installing payloads for further lateral movement and post-exploitation profit-driven activities such as cryptocurrency, ransomware, or banking fraud. But don’t worry! The Splunk Security Research team has developed an analytic story targeting Trickbot TTPs to help you detect them in your environment and respond immediately.

Tune in to learn:

  • How Trickbots, botnets, and webinjects work together in a malicious cyber campaign
  • How to utilize pre-built searches to detect Trickbots in your environment
  • How to utilize pre-built automated playbooks to respond to Trickbots

Speakers:

Rod Soto

Principal Security Research Engineer, Splunk

Teoderick Contreras

Principal Security Research Engineer, Splunk

DO NOT EDIT
Sitemap | Privacy | Website Terms of Use | Splunk Licensing Terms | Export Control | Modern Slavery Statement | Splunk Patents
Splunk, Splunk>, Turn Data Into Doing, Data-to-Everything, and D2E are trademarks or registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners.