
[APAC] Five practical use cases to enhance threat detection and response

Without rapid and accurate threat detection, your mean time to detect and respond to damaging cyberattacks is compromised, allowing attackers time to steal your organisation’s sensitive data. From collecting security and log data to utilising machine analytics, your team can effectively reduce the time it takes to discover threats on your network.

In our webinar, Jake Anthony and Simon Hamilton from LogRhythm outline five practical use cases to enhance threat detection and response with your existing tools.

These include:

• Integrating endpoint detection for improved threat hunting capabilities
• Combining logical and physical authentication to spot anomalous access
• Automating detection and response to phishing attacks
• Detecting possible indicators of bitcoin mining
• Improving incident response times through audio and visual alerting

Join this webinar if you are a SOC manager, security analyst or security architect responsible for managing your organisation's cybersecurity.
Recorded May 14 2020 47 mins
Presented by
Jake Anthony, Systems Engineer and Simon Hamilton, Client Manager, LogRhythm

  • [APAC] Supercharging LogRhythm: Using Jupyter Notebook to enhance threat hunting Mar 30 2021 2:00 am UTC 41 mins
    Jake Anthony, Enterprise Sales Engineer, LogRhythm
    Having a well-run, foundational SIEM for your security posture is a fantastic goal for most organisations; however, that shouldn’t be where the drive to improve organisational security stops.

    In this on-demand webinar Jake Anthony, Enterprise Sales Engineer, LogRhythm, looks at how combining Open Source technologies such as Jupyter Notebook can enhance your security posture through optimisation and integration with the LogRhythm NextGen SIEM Platform.

    Watch to discover:
    • LogRhythm & Open Source
    • What is Jupyter Notebook
    • How you can leverage it in your environment
      - Streamline MITRE ATT&CK tag creation
      - Expand visualisation capabilities
      - Enhance threat hunting playbooks
  • [APAC] Dated Zero Trust in 2020? Make a Commitment in 2021! Mar 9 2021 2:00 am UTC 47 mins
    James Carder and David Holmes
    Ever since Forrester alum John Kindervag founded the concept of Zero Trust in 2009, it’s intrigued those with its “Never trust, always verify” approach to security. Even so, many believed the framework to be out of their reach, often citing high costs or labor requirements as a barrier to entry.

    High-profile implementations of Zero Trust by companies like Google and Beyond Corp have helped the cybersecurity industry realize its feasibility; however, most organizations have still taken an exploratory approach to Zero Trust — that is, until COVID-19 forced companies to stand up remote workforces practically overnight.

    The sudden pressure to keep employees and assets both connected and secure resulted in a paradigm shift for how IT and security teams operate — and a spike in interest and adoption of Zero Trust as a security strategy. But the circumstances leading to this meant that most organizations didn’t already have a roadmap to guide a holistic implementation, so many scrambled to apply bits and pieces of Zero Trust and are now wondering how to take the next step with the framework.

    Guest speaker, Forrester senior analyst David Holmes and LogRhythm CSO James Carder are here to help. During this session, they’ll discuss:
    • How the security community can directly translate Zero Trust components into concrete roadmap items
    • How security elements like automation and visibility tie into the framework
    • Examples of each based on Forrester research

    You will also hear from James about his own successful implementation of Zero Trust at LogRhythm.

    Register today to learn how to solidify your Zero Trust strategy so you can realize the benefits of a full implementation.
  • [APAC] The State of Cybersecurity Panel Mar 3 2021 2:00 am UTC 70 mins
    James Carder, Rob Lee, Steve Surdu, Jake Willems & Chris Stangl
    During our RhythmWorld 2020 Security Conference, a panel of five security titans met to discuss the state of cybersecurity today and their insights into the future. They cover the biggest threats, latest innovations, and their visions for the industry.

    2020 proved to be a year of front-page ransomware attacks, state-sponsored hacking campaigns, and waves of data breaches. On top of direct attacks, security teams faced natural disasters, a complicated geo-political environment, and a changing workplace.

    This panel is moderated by James Carder, LogRhythm Chief Security Officer. James is joined by:

    • Rob Lee, Head of SANS Digital Forensics and Incident Response (Former member of the US Air Force Office of Special Investigations (AFOSI) and Director at Mandiant)
    • Steve Surdu, Principal, Surdu Consulting (Former Vice President of Services and Incident Response at Mandiant)
    • Jake Willems, Founder, Rendition Infosec (IANS Faculty Member and industry thought leader @MalwareJake)
    • Chris Stangl, Station Chief, FBI
  • [EMEA] Supercharging LogRhythm: Using Jupyter Notebook to enhance threat hunting Recorded: Feb 25 2021 42 mins
    Jake Anthony, Enterprise Sales Engineer, LogRhythm
    Having a well-run, foundational SIEM for your security posture is a fantastic goal for most organisations; however, that shouldn’t be where the drive to improve organisational security stops.

    In this on-demand webinar Jake Anthony, Enterprise Sales Engineer, LogRhythm, looks at how combining Open Source technologies such as Jupyter Notebook can enhance your security posture through optimisation and integration with the LogRhythm NextGen SIEM Platform.

    Watch to discover:
    • LogRhythm & Open Source
    • What is Jupyter Notebook
    • How you can leverage it in your environment
      - Streamline MITRE ATT&CK tag creation
      - Expand visualisation capabilities
      - Enhance threat hunting playbooks
  • [EMEA] Combatting ransomware and APT activity with process-level monitoring Recorded: Feb 25 2021 62 mins
    Dan Crossley, Sales Engineering Manager, LogRhythm and Imran Hafeez, LogRhythm Analytic Co-Pilot Consultant
    Ransomware has evolved from a commodity malware strain primarily targeting home users to a devastating and effective tool in the arsenal of advanced threat groups. As these human-operated cyberattacks continue to be a lucrative source of income for threat actors, ransomware will continue to pose a major threat to many organisations.

    If threat actor activity can be detected in the environment early enough in the kill-chain, analysts stand a much better chance of unravelling the entire attack and reducing the risk to their organisation.

    In this on-demand webinar Dan Crossley, Sales Engineering Manager, LogRhythm and Imran Hafeez, LogRhythm Analytic Co-Pilot Consultant, will outline:
    • The anatomy of a human-operated ransomware attack
    • What additional log data can be enabled within a Windows environment to allow better tracing of threat actor activity, including:
      - Process creation with command-line execution
      - PowerShell logging
      - Microsoft Sysmon
    • How you can trace and alert on possible threat actor activity within your environment, with these log sources
  • Conquering CMMC: Tackling the Most Difficult CMMC Controls Recorded: Feb 23 2021 64 mins
    Darren Cathey and Scott McDaniel
    The Cybersecurity Maturity Model Certification (CMMC) sets a new minimum bar to hit if you want a shot at doing business with the Department of Defense (DoD). That means that CMMC compliance is likely at the top of your cybersecurity list and you’ve probably already done at least a little research.

    As you may have noticed, one of the more difficult controls those pursuing CMMC Level 3 and up must meet is keeping a detailed log of all devices. Some levels even require 24/7 monitoring of these logs. Talk about a herculean task!

    In this on-demand webinar, Darren Cathey, Sales Engineer at LogRhythm, and Scott McDaniel, Vice President of Technology at Simple Helix, go beyond understanding CMMC! They discuss:
    • A quick overview of the CMMC standard
    • How LogRhythm’s set of out-of-the-box content can help you move through compliance before the 2026 deadline
    • How to make keeping track of your log files easy

    Watch this fireside chat today and discover the less arduous path to CMMC compliance that has resulted in a perfect DCMA High Audit Score of 110 for a Simple Helix customer!
  • New Techniques to Strengthen Threat Detection Recorded: Feb 23 2021 59 mins
    Paul Caiazzo and Brian Emond
    Your security information and event management (SIEM) tool provides you with real-time analysis of security alerts generated by applications and network hardware.

    Combining your SIEM technology with a ZTNA model can be extremely advantageous.

    Watch on-demand as Paul Caiazzo, Avertium CISO, and Brian Emond, LogRhythm Director, Sales Engineering, discuss the role of a SIEM tool, which provides real-time analysis of security alerts, and its important place within a ZTNA model.

    Watch to gain insights on:
    • The benefits of a SIEM as part of a ZTNA model
    • How ZTNA affects your threat detection and response strategy
    • How tools like LogRhythm can be used in conjunction with ZTNA to drive synergy within your threat detection and response processes
  • [APAC] Instilling Cybersecurity Awareness: A Cross-Functional Roundtable Recorded: Feb 23 2021 70 mins
    Barry Krauss (Training Director), Justin McNichol (Global Service Desk Manager) and Rob Sweeney (Technical Account Manager)
    It’s an oft-repeated adage in cybersecurity: employees are your first line of defense. While security awareness is being discussed now more than ever, statistics show that this defense could stand to improve.

    43% of employees are still unaware that clicking a suspicious link or attachment could lead to a malware infection.* But of course, making meaningful improvements in security awareness is often easier said than done.

    Our panelists will discuss:
    - Biggest gaps in security awareness
    - Tactics they’ve implemented to address these gaps, and
    - How security awareness will evolve as the workforce evolves

    - Barry Krauss, Director of Training and Enablement
    - Justin McNichol, Manager of LogRhythm’s Global Service Desk
    - Rob Sweeney, Technical Account Manager and former LogRhythm customer

    *Source: https://searchsecurity.techtarget.com/infographic/7-security-awareness-statistics-to-keep-you-up-at-night
  • Detecting and Blocking Malware Threats with SIEM + EDR Recorded: Feb 17 2021 59 mins
    Harrison Midkiff and Brandon DeMeo
    As cyberthreats continue to grow, it’s crucial to focus on endpoint data and attacker behavior to achieve enterprise-wide visibility and enable proactive detection before threats become a high-impact incident.

    LogRhythm and Carbon Black together deliver a powerful integration that combines endpoint detection and response (EDR) with advanced analytics and automated response capabilities.

    In this on-demand webinar, co-presented with VMware Carbon Black, you will see how EDR and the LogRhythm NextGen SIEM Platform work together to reduce your time to respond to malware threats.

    Watch the on-demand webcast today to listen in as Harrison Midkiff and Brandon DeMeo walk through two live demonstrations and use case examples showing the value of these two solutions working together!
  • [APAC] NetFlow: What is it and is there any security context? Recorded: Feb 17 2021 70 mins
    Andrew Pettet, Enterprise Sales Engineer, LogRhythm
    NetFlow is a long-standing feature on routers and switches, providing the ability to collect IP network traffic metadata and export the data for traffic analysis. Network administrators can utilise this data to assess information such as the source, destination and service of traffic, including volumes and packet counts.

    In this webinar Andrew Pettet, Enterprise Sales Engineer, LogRhythm outlines:
    • Networking fundamentals with NetFlow
    • Switch config - ingesting logs with Fortinet and Cisco devices
    • Leveraging NetFlow in your environment
    • LogRhythm NetFlow use case

    Watch on-demand today.
  • [EMEA] Best Practices For Reducing Ransomware Risk Recorded: Feb 16 2021 48 mins
    Andrew Hollister, Senior Director LogRhythm Labs & Security Advisor to the CSO and Dan Crossley, SE CISSP, LogRhythm
    As ransomware attacks continue to hit the headlines around the globe, they pose a major threat to businesses of all sizes. How do you protect your organisation against ransomware effectively to reduce the associated risk?

    In this on-demand webinar, Dan Crossley CISSP, Sales Engineering Manager at LogRhythm, and Andrew Hollister, Senior Director LogRhythm Labs & Security Advisor to the CSO, discuss:

    • Recent ransomware incidents
    • Why ransomware attacks are more prevalent and destructive than ever before
    • Practical tips to help you detect and respond to ransomware attacks
    • How a SIEM can be used to reduce the risk
  • Dated Zero Trust in 2020? Make a Commitment in 2021! Recorded: Feb 10 2021 48 mins
    James Carder and David Holmes
    Ever since Forrester alum John Kindervag founded the concept of Zero Trust in 2009, it’s intrigued those with its “Never trust, always verify” approach to security. Even so, many believed the framework to be out of their reach, often citing high costs or labor requirements as a barrier to entry.

    High-profile implementations of Zero Trust by companies like Google and Beyond Corp have helped the cybersecurity industry realize its feasibility; however, most organizations have still taken an exploratory approach to Zero Trust — that is, until COVID-19 forced companies to stand up remote workforces practically overnight.

    The sudden pressure to keep employees and assets both connected and secure resulted in a paradigm shift for how IT and security teams operate — and a spike in interest and adoption of Zero Trust as a security strategy. But the circumstances leading to this meant that most organizations didn’t already have a roadmap to guide a holistic implementation, so many scrambled to apply bits and pieces of Zero Trust and are now wondering how to take the next step with the framework.

    Guest speaker, Forrester senior analyst David Holmes and LogRhythm CSO James Carder are here to help. During this session, they’ll discuss:
    • How the security community can directly translate Zero Trust components into concrete roadmap items
    • How security elements like automation and visibility tie into the framework
    • Examples of each based on Forrester research

    You will also hear from James about his own successful implementation of Zero Trust at LogRhythm.

    Learn how to solidify your Zero Trust strategy so you can realize the benefits of a full implementation.
  • [APAC] Threat Hunting with ATT&CK Technique "X" Recorded: Feb 3 2021 47 mins
    Brian Coulson, Dan Kaiser, and Sally Vincent
    Threat hunting with MITRE ATT&CK techniques can be approached in several ways.

    Join members of the LogRhythm Labs team as they take you on a journey of how to use MITRE ATT&CK techniques and LogRhythm to make your threat hunting activities more valuable and effective.

    They will start the journey using the known techniques of MITRE ATT&CK Group APT 29, also known as the Russian threat actor group The Dukes or Cozy Bear. The team will describe the known Indicators of Compromise (IOCs), such as file hashes and IP addresses, and how IOCs feed into MITRE ATT&CK technique searches and dashboards. Finally, the team will dig into unknown or suspicious activity based on the techniques, focusing on encoded PowerShell.

    You’ll Learn:
    - Threat hunting made easy using MITRE ATT&CK techniques
    - How to create custom LogRhythm dashboards and searches.
    - Moving from known to unknown and back to known to increase your detection capabilities
  • [APAC] Maximising the productivity of your SOC with UEBA and SOAR Recorded: Jan 27 2021 43 mins
    Ed Carolan, Manager, Enterprise Sales Engineering
    If your team is struggling with resource constraints, you’re probably facing longer-than-ideal response times. This puts your organisation at risk.

    Ed Carolan, Manager, Enterprise Sales Engineering, outlines how you can maximise the benefits of time optimisation and reduce the burden on your team with SOAR and UEBA.

    Understand how you can:
    • Leverage UEBA and SOAR to increase automation within the SOC
    • Enable team collaboration and workflow automation
    • Arm your analysts to be more effective in their work
    • Increase the ROI from your SIEM
  • [EMEA] NetFlow: What is it and is there any security context? Recorded: Jan 21 2021 71 mins
    Andrew Pettet, Enterprise Sales Engineer, LogRhythm
    NetFlow is a long-standing feature on routers and switches, providing the ability to collect IP network traffic metadata and export the data for traffic analysis. Network administrators can utilise this data to assess information such as the source, destination and service of traffic, including volumes and packet counts.

    In this webinar Andrew Pettet, Enterprise Sales Engineer, LogRhythm outlines:
    • Networking fundamentals with NetFlow
    • Switch config - ingesting logs with Fortinet and Cisco devices
    • Leveraging NetFlow in your environment
    • LogRhythm NetFlow use case

    Watch on-demand today.
  • [APAC] How to build an effective security program with limited resources Recorded: Jan 20 2021 29 mins
    Leonardo Hutabarat, Enterprise Sales Engineer APAC
    Some organizations have a 24x7 security operations center (SOC) with teams of dedicated analysts monitoring for threats around the clock, while others are deep in the trenches of building out their security program. Whether you have a formal SOC or are in the weeds of building or optimizing your security program, the desired outcome remains the same: detect and respond to threats fast.

    • Best Practices for an Effective Security Program
    • 7 Steps to Building a Successful Security Program with Limited Resources
    • How a NextGen SIEM Solution is the Ideal Technology for Building a SOC
  • [APAC] Combatting ransomware and APT activity with process-level monitoring Recorded: Jan 13 2021 61 mins
    Dan Crossley, Sales Engineering Manager, LogRhythm and Imran Hafeez, LogRhythm Analytic Co-Pilot Consultant
    Ransomware has evolved from a commodity malware strain primarily targeting home users, to a devastating and effective tool in the arsenal of advanced threat groups. As these human-operated cyberattacks continue to be a lucrative source of income for threat actors, ransomware will continue to pose a major threat to many organisations.

    Dan Crossley, Sales Engineering Manager, LogRhythm and Imran Hafeez, LogRhythm Analytic Co-Pilot Consultant, discuss:

    • The anatomy of a human-operated ransomware attack
    • What additional log data can be enabled within a Windows environment to allow better tracing of threat actor activity, including:
      - Process creation with command-line execution
      - PowerShell logging
      - Microsoft Sysmon

    Save your seat to discover how you can trace and alert on possible threat actor activity within your environment, with these log sources.
  • Threat Hunting with ATT&CK Technique "X" Recorded: Dec 17 2020 47 mins
    Brian Coulson, Dan Kaiser, and Sally Vincent
    Threat hunting with MITRE ATT&CK techniques can be approached in several ways.

    Join members of the LogRhythm Labs team as they take you on a journey of how to use MITRE ATT&CK techniques and LogRhythm to make your threat hunting activities more valuable and effective. They will start the journey using the known techniques of MITRE ATT&CK Group APT 29, also known as the Russian threat actor group The Dukes or Cozy Bear. The team will describe the known Indicators of Compromise (IOCs), such as file hashes and IP addresses, and how IOCs feed into MITRE ATT&CK technique searches and dashboards. Finally, the team will dig into unknown or suspicious activity based on the techniques, focusing on encoded PowerShell.

    You’ll Learn:
    - Threat hunting made easy using MITRE ATT&CK techniques
    - How to create custom LogRhythm dashboards and searches.
    - Moving from known to unknown and back to known to increase your detection capabilities
  • Managing Security and Operational Risk in Critical Infrastructure Panel Recorded: Dec 10 2020 54 mins
    James Carder, Jeff Schmidt, Rob Sweeney, Stephen Dyson, Robert M. Lee, Sam Masiello
    Attacks on operational technology (OT) have been on the rise for decades. The rise began with the Stuxnet worm that attacked Programmable Logic Controllers (PLCs) in SCADA systems and has increased sharply in the last few years. Not only do these attacks threaten national interests, but as OT continues to be vital in day-to-day operations, overall business continuity is also endangered. As such, detecting OT threats has become a top priority as governments and organizations around the world implement programs and deliver mandates to protect critical infrastructure and business operations, across all sectors and verticals.

    While limiting security and operational risk is a crucial issue, sometimes it’s easier said than done. Join our replay of "Managing Security and Operational Risk in Critical Infrastructure Panel" -- a top viewed session from this year's RhythmWorld conference. In this panel, security experts from across industries discuss business challenges, ways to evaluate risk, and strategies to reduce business risk with operational technology. Moderated by James Carder, LogRhythm Chief Security Officer.

    Discover:

    - Overview of operational risk and the technologies associated with different critical industries
    - How security plays a role in operations and achieving business continuity
    - Ways your peers have effectively met business challenges
    - Recommendations to manage security and operational risk
  • [APAC] Use Threat Research & MITRE ATT&CK to Turn Analysis into Action Recorded: Dec 9 2020 59 mins
    Dan Kaiser and Sally Vincent from LogRhythm Labs
    Looking to turn third-party threat research into actionable takeaways for your team?

    Dan Kaiser and Sally Vincent from LogRhythm Labs walk through their process for reviewing third-party reports using the real-world example of Maze ransomware. They demonstrate how threat research can be truly useful in protecting your organization from the latest developments in cyberattacks.

    Discover how to:

    - Turn threat details into new monitoring and threat hunting techniques
    - Configure your security solution to incorporate those actionable takeaways
    - Use samples of Maze that have been reverse engineered to test your newly configured solution

    They also demonstrate how to map third-party threat reports to ATT&CK techniques that can be used to develop mitigation, detection and response actions including:

    - Initial Access
    - Execution
    - Persistence
    - Privilege Escalation
    - Discovery
    - Lateral Movement
    - Impact

    Save your seat to learn how to make the most of threat research.
Be Security First.
LogRhythm’s award-winning NextGen SIEM Platform makes the world safer by protecting organizations, employees, and customers from the latest cyberthreats. It does this by providing a comprehensive platform with the latest security functionality, including security analytics; network detection and response (NDR); user and entity behavior analytics (UEBA); and security orchestration, automation, and response (SOAR). Learn how LogRhythm empowers companies to be security first at logrhythm.com.

To learn more, please visit logrhythm.com.

  • Title: [APAC] Five practical use cases to enhance threat detection and response
  • Live at: May 14 2020 2:00 am
  • Presented by: Jake Anthony, Systems Engineer and Simon Hamilton, Client Manager, LogRhythm