What do you do when adversaries don’t use any malware or exploits? We will show how to deal with malware-free intrusions: how to detect, prevent, attribute and respond. This session will feature techniques we’ve observed in the field from the stealthiest adversaries, who leave no malware footprints behind. We will demonstrate a live attack and show how CrowdStrike’s next-generation endpoint protection solution, Falcon Host, can detect the activity in real time and provide relevant countermeasures for protection and response.
In this session, you will learn how to:
• Determine whether advanced adversaries have gained a foothold in your organization without using malware
• Identify and observe an adversary’s lateral movement to understand what they want and who they are targeting in your organization
• Gain the ability to record and reconstruct an incident completely to understand what systems and data the adversary has touched