Name: Detecting Trickbot with Splunk
Start: 2022-01-06T17:00:00Z
End: 2022-01-06T17:00:38.000Z
Location: BrightTALK

Splunk is helping to build a safer and more resilient digital world by equipping customers with the unified security and observability platform they need to keep their organization securely up and running — no matter what digital disruptions come their way.

Building AI-ready enterprises requires more than deploying advanced models—it demands foundational capabilities that establish trust and resilience.

Join Peter Sprenger, Field CTO at Splunk, as he discusses how organizations can build AI-ready enterprises through observability, security frameworks, and data platforms that establish trust and resilience.

Building Trust and Resilience Into Enterprise AI Strategies

SOC teams are overwhelmed—facing nonstop alerts, tool sprawl, and attackers using AI at machine speed. Many SOCs simply can’t keep up, leaving analysts burned out with threats slipping through the cracks.
 
Watch our webinar to learn how Splunk Enterprise Security changes that. Splunk Enterprise Security is offered in two flexible editions designed to support organizations at every stage of their SOC journey.  Both editions deliver a unified, AI-powered SecOps platform that consolidates multiple tools into a single, purpose-built SecOps platform infused with AI and automation. Splunk Enterprise Security Essentials and Enterprise Security Premier editions give organizations the flexibility to choose the solution that best fits their needs. 

In our demo and technical deep dive you’ll see how Splunk Enterprise Security helps you:
 
- Streamline workflows: Consolidate SIEM, SOAR, UEBA, threat intel, and case management into one platform.
- Leverage AI for speed: Use AI Assistants for query generation, triage, and response to supercharge productivity.
- Maximize visibility & accuracy: Gain full-fidelity data visibility and reduce false positives with Risk-Based Alerting and new detection engineering capabilities.
 
Watch now and see how Splunk Enterprise Security empowers your SOC to end analyst fatigue, reduce risk, and respond faster in the AI era.

Demo Day: End SOC analyst fatigue with the reimagined Splunk Enterprise Security

Security teams are facing more challenges than ever: tool sprawl, alert overload, skills gaps, and an ever-expanding threat landscape. The result? A staggering 46% of SOCs admit they spend more time maintaining tools than defending their organizations — and attackers are taking advantage.
 
Splunk’s State of Security 2025 report reveals how leading SOCs are tackling these challenges head-on, transforming from overwhelmed to optimized with AI, automation, and unified platforms. Notably, 59% of organizations have seen a moderate or significant boost in efficiency with AI; and nearly 9 in 10 say AI will fundamentally transform their operations within the next three years. 
 
Watch our session where experts, Kirsty Paine, Field CTO & Strategic Advisor at Splunk, and Alyssa Robinson, Chief Information Security Officer at HubSpot, share the current state of security and what you can do about it. 

You’ll learn:
 
AI in Action: Discover how domain-specific AI is helping analysts boost productivity, reduce false positives, and accelerate investigations.
Skills of the Future: Understand the most critical capabilities SOCs need to close the talent gap and build resilience.
Unified Operations: Find out how a connected platform approach drives faster incident response and better coverage.

Watch now!

The AI-Powered SOC: What’s Working for Leading Security Teams

With the 2027 SAP ECC support deadline rapidly approaching, organizations face a critical choice that will determine whether their migration succeeds or fails. In this 30-minute fireside chat, experts on SAP, Azure, and Splunk observability unpack why S/4HANA migration is no longer just an SAP project—it’s a cloud and observability decision as well. Whether you’re extending existing on-premises monitoring or running SAP on Azure today, the architectural choices you make now will decide whether your migration is controlled and predictable or a high-stakes fire drill.

Together, we’ll walk through real-world scenarios where custom code crushes HANA performance, integration cascades ripple across distributed systems, and traditional monitoring tools fall short when you need them most. You’ll see how Azure’s SAP-certified cloud foundation and Splunk’s unified observability platform can help you close the gaps that basic Azure tools and siloed SAP monitoring alone can’t bridge—correlating application, data, and infrastructure signals end-to-end across hybrid and multi-cloud environments.

Most importantly, this session shows how Splunk + SAP + Azure can help ensure S/4HANA migration success: SAP brings the modern business capabilities, Azure provides the trusted enterprise-grade cloud for SAP customers who already rely on it, and Splunk delivers unified observability that spans every boundary. You’ll leave with concrete patterns, timing guidance, and proof points that can reduce MTTR, avoid millions in unplanned downtime, and give your organization the confidence to move now rather than react under pressure later.

The reality of SAP migration: Why observability changes everything

If you’re using Splunk and AWS in your company’s cloud environment, you know you have a lot of data at your fingertips. But do you know if you’re making the best choices on how to ingest and explore it? Join Splunk and Amazon Web Services for a hands-on Immersion Day workshop to learn best practices for getting data into Splunk. We’ll break down the basics and offer tips and important considerations for data ingestion. Users will also get a firsthand look at solutions such as the Splunk Add-on for AWS, Amazon Data Firehose, and custom Lambda functions, helping them to scale data ingestion, insights, and analysis with confidence. Register now!

GDI (Getting Data In) Immersion Day Workshop

Want to accelerate your ability to predict and prevent incidents before they occur? Learn how Splunk AI can be the catalyst. Join us to learn how to get started using Splunk AI for Predictive Maintenance, Detecting Service Performance Issues, Alert Noise Reduction, and User Experience Monitoring. We'll introduce the AI impact assessment framework to assess objectives, risk, and execution capacity, demonstrate how to use custom Anomaly Detection with the Splunk Platform and discuss the embedded AI capabilities in Splunk Observability Cloud with a special focus on Splunk ITSI.

Splunk AI for Observability: Accelerate Detection, Investigation and Response

AI is the current hot topic, but what is AIOps? In this session, we'll cut through the hype to define AIOps, how it can help you and how to get started. With real-world examples of how businesses succeed using Splunk's AIOps capabilities, we'll discuss applying AI and ML to accelerate incident response, reduce MTTD and MTTR, cut costs and empower teams with the tools they need to make decisions quickly.

AIOps - How Observability Can Help You

To minimize the risk posed by threat actors, security teams need the ability to quickly detect and analyze potential threats, so they can understand the full scope of an incident and determine the best response as quickly as possible.

However, many teams struggle with this. Analysts need to manually synthesize data, files, and URLs to formulate insights, and then take the time to draw conclusions and take corrective actions. This is inefficient, and leads to slower response times.

Join this webinar to see how Splunk Attack Analyzer helps reduce investigation and response times through automated threat analysis.

You’ll get a step-by-step demonstration showing how Splunk Attack Analyzer:

- Saves analysts time and effort by automatically breaking down attack chains.
- Navigates obfuscation techniques throughout the attack chain to extract forensics and deliver comprehensive, consistent analyses.
- Integrates with Splunk SOAR to automate end-to-end analysis and response workflows.

Live Demo: Automating Threat Analysis with Splunk Attack Analyzer

To keep up with today’s complex threat landscape, SIEM solutions are now more than a system that ingests security logs from other security tools in an organization. It has evolved to become a modern threat detection, investigation, and response solution that acts as a centralized hub for the SOC.

Join guest speaker IDC’s Michelle Abraham and Lily Lee from Splunk for an engaging discussion on how SIEMs are evolving to better support security analysts so that they work more efficiently.

In this webinar, you’ll learn about all of this and more including:

- Research and trends in today’s SIEM market from IDC market surveys.
- What makes a modern SIEM - what are the essential features and capabilities?
- Why a modern SIEM is critical to the success of the SOC.
- How Splunk addresses the challenges the SOC faces with the market-leading SIEM solution.

The SIEM of Tomorrow: How SIEMs Are Evolving to Power the Modern SOC

Migrate with Confidence. Transform with Intelligence.

The future of your SAP environment is in the cloud — but migration doesn’t have to be risky, disruptive, or overwhelming.
Join experts from Splunk, AWS, SAP, and Accenture as they unpack how a unified strategy, built on trusted partnerships and proven technology, helps enterprises fast-track SAP migrations to the cloud—while maximizing performance, minimizing disruption, and unlocking long-term value.

Whether you're planning your move to RISE with SAP on AWS, in the midst of a transformation, or optimizing post-migration, this webinar will show you how to gain end-to-end visibility, operational intelligence, and shared security across your entire SAP landscape.
 
What You’ll Learn:
● Why “Better Together” Works: Learn how the combined power of Splunk, AWS, SAP, and Accenture de-risks your SAP migration journey.
● De-Risk Your Cloud Journey: See how Splunk helps monitor and protect your SAP environment — before, during, and after migration.
● The AWS Advantage: Discover why thousands of SAP customers trust AWS for scalable, secure, and cost-efficient SAP workloads.
● RISE with SAP on AWS: Understand how SAP’s cloud strategy accelerates innovation and simplifies deployment.
● Operational Intelligence from Accenture: Hear how observability, powered by Splunk / Cisco and Accenture, drives successful S/4HANA outcomes.
● Real-World Success: See how companies like 3M are already benefiting from this integrated approach.

Drive innovation and digital resilience: How to accelerate and de-risk your SAP migration to the cloud

What if there was an open-source, vendor-neutral framework for collecting telemetry data? One single agent that provides a consistent and standardised way of instrumenting applications and infrastructures? Good news – there is! What we’ve just described is OpenTelemetry – a joint project between Splunk, Google, Microsoft, Amazon and several other organisations that currently has the second-largest number of contributors in the Cloud Native Computing Foundation after Kubernetes. But do you know how to use it? Or if you should use it? The best thing to do is to learn about OpenTelemetry from the major contributor of the code. This session is an introduction to OpenTelemetry and will explain why it doesn't make sense to have an Observability strategy without OpenTelemetry.

Observability with OpenTelemetry: It Just Makes Sense

In today’s complex digital landscape, achieving true digital resilience demands more than buzzwords—it requires clarity, precision, and the right solutions. However, the rise of “observability washing” has made understanding what observability means more challenging than ever. Join us as we unravel the varied definitions of observability and demystify modern platform components. We’ll take you behind the curtain to reveal what’s essential, what’s optional, and how to select the right solution for lasting resilience.

Observability Myths Busted: How to Choose the Right Solution for True Digital Resilience

Discover how Splunk empowers your security strategy by seamlessly integrating with Cisco solutions to deliver actionable insights. This session goes beyond the basics, showing you how to leverage Splunk’s advanced analytics to strengthen your cybersecurity posture. See real-world applications of the platform and learn how it fits into your IT and security operations to enhance visibility, accelerate threat detection, and boost overall resilience. If you're looking to harness data for smarter, faster security decisions, this session is a must-attend.

Power the SOC of the Future

Learn how Splunk revolutionizes asset discovery and compliance monitoring to transform your approach to risk management. This session will show you how to tap into your existing Splunk data to build a comprehensive, real-time asset inventory. Discover how to quickly identify compliance gaps, reduce risk exposure, and enhance your security investigations with accurate, contextual insights. If you're looking to improve visibility and make more informed security decisions, this session will guide you through leveraging Splunk to elevate your risk management strategy.

Reducing Enterprise Risk with Continuous Intelligence and Asset Visibility

With the exponential growth of data creation; data volume and complexity is only increasing, finding that proverbial "needle in the haystack" is becoming more challenging. Join our webinar to explore best practices for service-centric data management and observability strategies. We’ll cover essential topics such as context propagation, service tagging, and how AI can be leveraged to optimise services.

Optimising Data Management for Improved Observability and Digital Resilience

A new wave of observability is coming. The accumulation of monitoring tools combined with multi-cloud operating models promise end-to-end visibility but instead create confusion and despair. Now, instead of focusing on delivering cool software, engineers deal with time-consuming investigations, excessive uncertainty, and underwhelming tech stack performance. Enter AI Assistant in Splunk Observability Cloud, a new GenAI-powered experience that helps engineering teams easily take on observability tasks by asking questions about their environment using natural language. From root cause analysis to troubleshooting and dashboarding, AI Assistant empowers every engineer to accelerate their investigations by unlocking key insights, turning them into digestible concepts, and simplifying workflows

Introducing the AI Assistant in Splunk Observability Cloud

A powerful alliance is formed when CISOs and boards unite, paving the way for enhanced digital resilience. However, differences in how to prioritize and measure the impact of cybersecurity can create misalignment. Join to explore the top 5 gaps between CISOs and the board.

Bridge the Gap – CISO and the Board

Join industry experts from Splunk and AWS for an exclusive analyst interview exploring how organizations can unlock unified, real time insights through Federated Analytics for Amazon Security Lake. Discover how the combined power of Splunk's advanced analysis with AWS native security tooling delivers enhanced threat detection, accelerated incident response, and improved operational efficiency.

Unlocking Security Insights: A Deep Dive into Federated Analytics for Amazon Security Lake with Splunk and AWS

Who Should Attend: Splunk Administrators, Security Analysts, SOC Managers

Trickbot is a very popular crimeware carrier associated with recent ransomware campaigns. It is a trojan that has gained popularity from being effective at infecting and propagating botnets – one of the main financial drivers of cyber criminal groups. The effectiveness of trickbot crimeware comes from its stealthiness and versatility in installing payloads for further lateral movement and post-exploitation profit-driven activities such as cryptocurrency, ransomware, or banking fraud. But don’t worry! The Splunk Security Research team has developed an analytic story targeting Trickbot TTPs to help you detect them in your environment and respond immediately.

Tune in to learn:

-How Trickbots, botnets, and webinjects work together in a malicious cyber campaign
-How to utilize pre-built searches to detect Trickbots in your environment
-How to utilize pre-built automated playbooks to respond to Trickbots

Detecting Trickbot with Splunk

SecOps

DevOps

Cloud Security

Cloud Applications

Cloud Infrastructure

Enterprise Security

Incident Response

Application Performance

Cloud Architecture

Threat Detection

Get powerful e-commerce insights to grow your online transaction volume. Connect with thought leaders and colleagues to get the most up-to-date knowledge on the e-commerce strategies and techniques that drive growth.

E-commerce

The marketing community on BrightTALK is made up of thousands of engaged marketing professionals. Find relevant webinars and videos on marketing strategy, branding and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Marketing

Welcome to the mobile computing community on BrightTALK! With the consumerization of IT and the widespread adoption of mobile devices across the globe, mobile computing has become an important part of many people's lives in a culture of bring your own device (BYOD). With mobile devices doubling as work phones and more employees working from home, businesses need to provide secure access to data and work applications from anywhere at any time. Join this growing community and hear from industry thought leaders in webinars and videos as they share their insight on mobile computing research and trends.

Mobile Computing

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Practicing business intelligence allows your company to transform raw data into sets of insights for targeted business growth. The business intelligence and analytics community on BrightTALK is made up of thousands of data scientists, database administrators, business analysts and other data professionals. Find relevant webinars and videos on business analytics, business intelligence, data analysis and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Business Intelligence and Analytics

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Get powerful insights on how to best serve today's customers. If you want to create a successful customer experience today, you will have to appeal to the need for “alone together” time. Millennials, Gen X, Boomers or Silent Generation all look for shared but individual experiences.

Customer Experience

The sales community on BrightTALK brings together thousands of engaged sales professionals. Learn about careers in IT sales and marketing, sales techniques and selling strategies. Join the discussion by participating in on-demand and live sales webinars and summits with leaders in the sales industry.

Sales

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Detecting Trickbot with Splunk

Presented by

About this talk

Splunk Inc.