Optimize Phishing Detection and Response with LogRhythm and Office 365

Logo
Presented by

Randy Franklin Smith (UWS) | Greg Foss (LogRhythm)

About this talk

Today’s hackers often favor the phishing email as their weapon of choice. Phishing attacks are not only common, but are also very difficult to defend against. What if you could detect and mitigate a phishing attack before its intended target clicks on that fatal link or opens that malicious attachment? When your Exchange server is in the Office 365 cloud, solutions such as constant inbox scanning or relying on synchronous mail flow aren’t viable options. Instead, you can find a strong defense against phishing emails in the Message Tracking log in Exchange. The Message Tracking log is available in both on-prem Exchange and Office 365 Cloud’s Exchange Online. Message Tracking logs include valuable information about the client, servers, sender, recipients, message subject, and more. If you can access this information and know how to mine it, you can detect likely phishing emails. In this webinar, you’ll learn how to: - Recognize the format of message tracking logs - Pull message tracking logs from Office 365 using PowerShell’s Get-MessageTrackingLog cmdlet - Work through a list of checks to perform against message tracking events to detect phishing emails - Move suspect emails to a sandbox where you can use analysis tools like PhishTank, ThreatGRID, or OpenDNS - Remove copies of phishing emails from other recipients - Automatically detect and respond to phishing attacks with no analyst intervention - To optimize your phishing response efficiency, LogRhythm has introduced a new open-source Phishing Intelligence Engine (PIE). PIE is a PowerShell framework focused on phishing attack detection and response. Register for the webinar now to learn how you can use LogRhythm’s PIE and Office 365 to better detect and respond to phishing attacks.

Related topics:

More from this channel

Upcoming talks (4)
On-demand talks (185)
Subscribers (65780)
LogRhythm helps busy and lean security operations teams save the day—day after day. There’s a lot riding on the shoulders of security professionals—the reputation and success of their company, the safety of citizens and organizations across the globe, the security of critical resources—the weight of protecting the world. LogRhythm helps lighten this load. The company is on the frontlines defending against many of the world’s most significant cyberattacks and empowers security teams to navigate an ever-changing threat landscape with confidence. As allies in the fight, LogRhythm combines a comprehensive and flexible security operations platform, technology partnerships, and advisory services to help SOC teams close the gaps.