Multi-Signal Defense Kill Chain: Strengthening Combat Capabilities in Intrusions

Logo
Presented by

Keegan Keplinger, Research and Reporting Lead, eSentire; Brandon Dunlap, Moderator

About this talk

Cybersecurity teams are fighting a losing battle trying to keep up with complex business requirements and the expanding attack surface. Although traditional security controls and MSSPs (managed security service providers) were once effective, they are no match for the growing speed and sophistication of modern threats. Unfortunately, you can’t protect your organization from cyber threats if you don’t have complete visibility across your attack surface. Even if your team utilizes a global threat hunting and threat intelligence team, they must be armed with data correlation and contextualization capabilities across multiple signals (e.g., endpoint, log, network, cloud) to effectively contain and remediate advanced persistent threats. Join eSentire and (ISC)² May 19, 2022 at 1:00 p.m., Eastern/10:00 a.m. Pacific to hear how threat intelligence teams can use data from multiple signal sources for enhanced threat detection, investigation, and response. Learn more about: • What multi-signal data correlation and contextualization means in the context of threat intelligence and threat hunting • Mapping tactics and techniques threat actors use to fulfill their objectives back to each phase of the overall attack workflow • Deep dive into how eSentire’s Threat Response Unit (TRU) used data from log, endpoint, and network to build detection content for threats like Log4j and Cobalt Strike • How threat intelligence teams can adopt a multi-signal approach to enrich their detection engineering content

Related topics:

More from this channel

Upcoming talks (11)
On-demand talks (374)
Subscribers (89643)
(ISC)² Security Briefings brings attendees both stand alone webcasts and multi-part series on cutting edge infosecurity topics that gets deeper into the subject matter and technologies presented by subject matter experts.