Threat Hunting Webinar
Prevention should never be your last line of defence, no matter how sophisticated your static analysis claims to be. The key to effective endpoint protection lies in the ability to intelligently uncover and behaviourally detect advanced threats and respond at machine speed.
The Threat Hunting Webinar:
This Threat Hunting Webinar will explain the tools, techniques and procedures used by adversaries, together with, how to detect and contain attacks.
We will then go onto how adversaries use the weaponisation of a Multi-Staged Attack, Process Execution, Privilege Escalation, Beaconing, Lateral Movement and Data Exfiltration. Providing you with endpoint and network indicators as well as invaluable knowledge on how to obtain this evidence.
Time: 10:30AM GMT
Date: 13 March 2020
-Threat Hunting overview
# What to look for
# Tactics, Techniques and Procedures (TTP’s)
# Event ID’s
# Network artefacts
-Kill Chain – walk through some detections
# Payload Delivery
# Lateral Movement
# DNS Exfiltration
-Machine Learning and what it can do
About the presenters:
Luk Schoonaert is Director of Technology at Exclusive Networks. Focused on advanced attacks, behaviour based technology (UEBA) and a passion for Digital Forensics, Incident Response, Threat Hunting and Adversary Simulation.
A Certified Network Security specialist with over 20 years of experience in Cyber Security, DDOS, Firewalling, Zero Day Threat prevention, Web and E-mail security gateways, Advanced Persistent Threats and Incident Response, DFIR, Threat Hunting and UEBA.
Andy James, the CEO of Custodian360 and a seasoned security professional with over 20 years experience and a leader in his field. Andy specialised in endpoint protection along with playing an active role in security education, programs design and architecture, compliance, privacy and vendor vulnerability assessments.
Andy has a passion for helping businesses of all sizes understand the why, what, when and how of security
Sign up to this free, educational webinar below
From the integration with CloudKnox, AWS IAM Access Analyser is a new function that analyses resource policies to help administrators and security teams protect their resources from unintended access.
Reports this week have announced that computers at the DCH medical centres have been infected with ransomware. Three hospitals that make up the group in Alabama were closed to new patients as the attack paralysed the health network’s computer system.