Stories from the SOC: Remote Access Made (un)Easy [APAC]

Logo
Presented by

Lonnie Best, Manager, Detection & Response Services @ Rapid7

About this talk

Rapid7's Managed Detection and Response (MDR) and Incident Response (IR) teams responded to multiple instances of organizational compromise in which a threat actor employed several unique tools, techniques, and procedures (TTPs), including the legitimate remote access tool, ScreenConnect, to maintain persistent access to the compromised environments. In this session, learn how Rapid7's MDR service used the visibility and insights to track down and eradicate the threat actor from other organizational environments through the use of open-source intelligence, threat hunting, detection engineering, and ongoing customer partnerships.
Related topics:

More from this channel

Upcoming talks (6)
On-demand talks (563)
Subscribers (46547)
Rapid7 is creating a more secure digital future for all by helping organizations strengthen their security programs in the face of accelerating digital transformation. Our portfolio of best-in-class solutions empowers security professionals to manage risk and eliminate threats across the entire threat landscape from apps to the cloud to traditional infrastructure to the dark web. We foster open source communities and cutting-edge research–using these insights to optimize our products and arm the global security community with the latest in attackers methods. Trusted by more than 10,000 customers worldwide, our industry-leading solutions and services help businesses stay ahead of attackers, ahead of the competition, and future-ready for what’s next.