Hi [[ session.user.profile.firstName ]]

Five practical use cases to enhance threat detection and response

Without rapid and accurate threat detection, your mean time to detect and respond to damaging cyberattacks is compromised, allowing attackers time to steal your organisation’s sensitive data. From collecting security and log data to utilising machine analytics, your team can effectively reduce the time it takes to discover threats on your network.

In our webinar Jake Anthony and Simon Hamilton from LogRhythm outline five practical use cases to enhance threat detection and response with your existing tools.

These include:

• Integrating endpoint detection for improved threat hunting capabilities
• Combining logical and physical authentication to spot anomalous access
• Automating detection and response to Phishing attacks
• Detecting possible indicators of bit-coin mining
• Improving incident response times through audio and visual alerting

View this webinar: if you are a SOC manager, security analyst, security architect and you are responsible for managing your organisations cybersecurity.
Recorded May 7 2020 44 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Jake Anthony, Systems Engineer and Simon Hamilton, Client Manager, LogRhythm
Presentation preview: Five practical use cases to enhance threat detection and response

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Cybersecurity Implications on Society – feat. Forrester Recorded: Dec 10 2020 39 mins
    Jinan Budge, Forrester Principal Analyst
    It is increasingly becoming clear that cybersecurity decisions have broader societal implications than ever before. In 2020 and beyond, technology promises to change our own experience and enhance our way of life, significantly. Society and humanity increasingly depend on tech to work, learn, and socialise. But that dependence is also making our technology, and us, targets.

    To be successful in this new era, CISOs, executives, and security professionals will need to double the efforts to navigate the maze of organisational politics and detractors, engage with the business and place people and culture at the heart of your security program to influence change.

    In this on-demand webinar Jinan Budge, Forrester Principal Analyst, shares insights to help you focus your vision and approach team, organisational and external security culture change as strategically as you would any other part of your security program.
  • Managing Security and Operational Risk Panel Recorded: Dec 9 2020 54 mins
    James Carder | Jeff Schmidt | Rob Sweeney | Stephen Dyson | Robert M. Lee | Sam Masiello
    Attacks on operational technology (OT) have been on the rise for decades. The rise began with the Stuxnet worm that attacked Programmable Logic Controllers (PLCs) in SCADA systems and has increased sharply in the last few years. Not only do these attacks threaten national interests, but as OT continues to be vital in day to day operations, overall business continuity is also endangered. As such, detecting OT threats has become a top priority as governments and organisations around the world implement programs and deliver mandates to protect critical infrastructure and business operations, across all sectors and verticals.

    While limiting security and operational risk is a crucial issue, sometimes it’s easier said than done. Watch this panel to hear security experts from across industries discuss business challenges, ways to evaluate risk, and strategies to reduce business risk with operational technology.

    You’ll learn:
    - Overview of operational risk and technologies associated with different critical industry
    - How security plays a role in operations and achieving business continuity
    - Ways your peers have effectively met business challenges
    - Recommendations to manage security and operational risk

    James Carder, CSO, LogRhythm | Jeff Schmidt, CEO, Avertium | Rob Sweeney, Senior Information Security Engineer, Penn Medicine | Stephen Dyson, Sr. Security Operations Analyst, Penn Medicine | Robert M. Lee, CEO, Dragos | Sam Masiello, CSO, Gates Corporation
  • Overcoming the Skills Shortage for Modern and Effective Security Operations Recorded: Dec 9 2020 54 mins
    Andrew Hollister, LogRhythm Labs & Security Advisor to the CSO | Adam Saunders, Information Security Manager, Bourne Leisure
    In a perfect world, your organisation would staff a 24×7 SOC with highly talented cybersecurity professionals to secure its IT environment. But the truth is, a seemingly endless stream of new and complex cyberattacks has driven the demand for qualified professionals through the roof and the number of unfilled positions has soared.

    While there is no one-size-fits-all approach to solving the cybersecurity skills gap, our panel of experts provide practical advice for finding and building a team with the right set of skills. Panellists also discuss critical skill sets and outline resources to help you grow in your cybersecurity career.

    Moderated by Andrew Hollister, Senior Director of LogRhythm Labs.

    You’ll learn:
    - The global state of cybersecurity and recruiting
    - Approaches to overcome the cybersecurity skills gap
    - Tips to build experience and diversity in your security team
    - Ways to grow your career
  • Women in Security: Executive Panel Recorded: Dec 8 2020 40 mins
    Sam King, CEO of Veracode | Avani Desai, President of Schellman & Company | Cindy Zhou, CMO, LogRhythm
    We’ve all seen the headlines – women make up 26% of all computing related jobs and for the cybersecurity industry, it’s even less at 20%. For women of colour, it’s down to the single digits.

    During this on-demand webinar a distinguished panel of executives discuss the unique challenges women face in the industry, share their career journeys and leadership philosophies.

    The panel features executives at the helm of leading cybersecurity companies including:
    - Sam King, CEO of Veracode
    - Avani Desai, President of Schellman & Company
    - Cindy Zhou, CMO, LogRhythm

    This panel aims to inspire young women to build a career in cybersecurity, and discuss how men can help by mentoring and partnering with women.
  • The Modern and Evolving Security Leader Panel Recorded: Dec 8 2020 69 mins
    James Carder, LogRhythm, Karen Holmes, True Blue Inc., Kip James, TTec, Chris Mitchell, City of Houston, Dilip Singh, Sedara
    During our RhythmWorld 2020 Security Conference, a panel of five security executives met to discuss some of the major challenges, changes, and opportunities facing chief information security officers (CISOs) today.

    The Modern and Evolving Security Leader: Security Executive Panel, explores insider secrets on:
    • Building deeper organisation consensus
    • Finding security advocates
    • Boosting board buy-in
    • And much more!
  • Maze ransomware: Use threat research & MITRE ATT&CK to turn analysis into action Recorded: Dec 1 2020 59 mins
    Randy Franklin Smith (Ultimate Windows Security), Dan Kaiser (LogRhythm) and Sally Vincent (LogRhythm)
    Threat research can be an invaluable asset to security teams' proactive and reactive response plans. However, general recommendations found in threat research don't always easily translate into practical steps to defend against particular attacks.

    During this on-demand webinar with Ultimate Windows Security, LogRhythm Labs' Dan Kaiser and Sally Vincent demonstrate how to translate a recent report on Maze ransomware into actionable steps for your SOC.

    They review how to:
    - Turn threat details into new monitoring and threat hunting techniques
    - Configure your security solution to incorporate those actionable takeaways
    - Use samples of Maze that have been reverse engineered to test your newly configured solution
  • Combatting ransomware and APT activity with process-level monitoring Recorded: Nov 5 2020 61 mins
    Dan Crossley, Sales Engineering Manager, LogRhythm and Imran Hafeez, LogRhythm Analytic Co-Pilot Consultant
    Ransomware has evolved from a commodity malware strain primarily targeting home users, to a devastating and effective tool in the arsenal of advanced threat groups. As these human operated cyberattacks continue to be a lucrative source of income for threat actors, ransomware will continue to pose a major threat to many organisations.

    If threat actor activity can be detected in the environment early enough in the kill-chain, analysts stand a much better chance of unravelling the entire attack and reducing the risk to their organisation.

    In this on-demand webinar Dan Crossley, Sales Engineering Manager, LogRhythm and Imran Hafeez, LogRhythm Analytic Co-Pilot Consultant, will outline:
    • The anatomy of a human operated ransomware attack
    • What additional log data can be enabled within a Windows environment to allow better tracing of threat actor activity, including:
    o Process creation with command-line execution
    o PowerShell logging
    o Microsoft Sysmon
    • How you can trace and alert on possible threat actor activity within your environment, with these log sources
  • The benefits and barriers of implementing Zero Trust Recorded: Nov 3 2020 16 mins
    Andrew Hollister, Senior Director LogRhythm Labs & Security Advisor to the CSO
    The need to protect, defend and respond to threats — regardless of where the employee, data, systems and applications sit — is more apparent than ever as we continue to work from home.

    The Zero Trust model helps verify at every step that only trusted identities have access to systems, networks and data they are entitled to.

    In this short on-demand session, Andrew Hollister, Senior Director LogRhythm Labs & Security Advisor to the CSO, outlines the full benefits of implementing a Zero Trust model and how this approach can enhance cyber resilience.

    Watch now to hear:
    - The considerations to be made before incorporating Zero Trust
    - The barriers and best practices to support a successful implementation
    - The business benefits of switching to a Zero Trust model
  • How to Build a SOC with Limited Resources Recorded: Oct 15 2020 32 mins
    Andrew Hollister, Senior Director LogRhythm Labs & Security Advisor to the CSO
    Whilst some organisations have a 24x7 security operations centre (SOC) with teams of dedicated analysts carefully monitoring for threats around the clock, every day of the year. Unfortunately, most organisations cannot afford a 24x7 SOC. The cost of having well-trained analysts onsite at all times outweighs the benefit.

    In this on-demand webinar, Andrew Hollister, Senior Director LogRhythm Labs & Security Advisor to the CSO, outlines how to create an effective SOC, by combining three components — people, processes, and technology — to build an efficient security operation.

    You’ll learn:
    • What makes a SOC effective, including best practises for success
    • Cost comparisons of various SOC staffing models
    • Steps for building a SOC with limited resources
    • How a NextGen SIEM solution is the ideal technology for building a SOC
  • NextGen SIEM & Saudi ECC regulations Recorded: Oct 7 2020 61 mins
    Abdulrahman Aldalbahi, LogRhythm Enterprise Sales Manager & Muntaser Bdair, Chief Operation Officer, SecurityMatterz
    In this webinar, Abdulrahman Aldalbahi, LogRhythm Enterprise Sales Manager & Muntaser Bdair, Chief Operation Officer, SecurityMatterz, will outline how you can align with Saudi ECC compliance and MITRE ATT&CK for rapid threat detection and response.

    Join us to:
    • discover the LogRhythm KSA-ECC module including compliance use cases and predefined reports
    • learn more about using MITRE ATT&CK techniques to enhance your threat detection
    • gain insight into how LogRhythm's NextGen SIEM can effectively detect and respond to cyberthreats
  • Best Practices For Reducing Ransomware Risk Recorded: Sep 30 2020 48 mins
    Andrew Hollister, Senior Director LogRhythm Labs & Security Advisor to the CSO and Dan Crossley, SE CISSP, LogRhythm
    As ransomware attacks continue to hit the headlines around the globe they pose a major threat to businesses of all sizes. How do you protect your organisation against ransomware effectively to reduce the associated risk?

    In this on-demand webinar, Dan Crossley CISSP, Sales Engineering Manager at LogRhythm, and Andrew Hollister, Senior Director LogRhythm Labs & Security Advisor to the CSO, discuss:

    • Recent ransomware incidents
    • Why ransomware attacks are more prevalent and destructive than ever before
    • Practical tips to help you detect and respond to ransomware attacks
    • How a SIEM can be used to reduce the risk
  • Keeping pace with ransomware: Lessons learnt in the past year Recorded: Sep 22 2020 69 mins
    Randy Franklin Smith (Ultimate Windows Security) and Brian Coulson (LogRhythm)
    Today, ransomware attackers won’t simply back down if their demands are not met. Even companies who have great backups and a fast recovery process are vulnerable to an emerging strategy: exfiltrating the victim’s most private data before demanding a ransom. If victims refuse to make the payment and initiate restoring their systems, the attacker reveals what information they have exfiltrated and threatens to post it online.

    That threat is completely different from the standard ransomware threat. This is because we’ve now shifted from an Integrity and Availability threat to a Confidentiality threat and of course there is the possible nightmare of privacy and other compliance regulations depending on the nature of the data that’s been exfiltrated.

    During this webcast, Randy Franklin Smith from Ultimate Windows Security provides an overview of some recent high-profile attacks that have employed this strategy, including those against Honda, Xerox and Garmin. He will also discuss detection methods and MITRE ATT&CK® techniques commonly used in ransomware attacks.

    Then, Brian Coulson from LogRhythm’s Threat Research team will demonstrate how to detect and respond to these types of threats using MITRE ATT&CK, UEBA capabilities, and more.

    Join this webinar to learn about the latest trends in ransomware and how you can protect your organisation from them.
  • The State of the Security Team: Are Executives the Problem? Recorded: Sep 15 2020 39 mins
    Andrew Hollister, Senior Director LogRhythm Labs & Security Advisor to the CSO
    Working in security can sometimes feel as though you are sitting on top of a powder keg. It’s a fact that cybersecurity professionals are reporting higher levels of stress than they did just two years ago. We wanted to learn the causes of tension and anxiety — as well as understand potential ways teams might alleviate and remediate the potential of job burnout.

    Our global survey of more than 300 security professionals and executives investigated the reasons behind increased stress on security teams, solution capabilities, deployment strategies, technology gaps, and more. In this on-demand webinar, we explore some of the key findings from this research, including:

    - Why security professionals say they have more work stress than they did just two years ago.
    - Just how many teams feel that they have adequate executive support.
    - How capable teams say they are to detect known security threats.
    - The number one reason security professionals say they would leave their jobs.

    If you work in security, hearing that stress is impacting your space is likely no surprise.

    Watch on-demand to hear Andrew Hollister, Head of LogRhythm Labs & Security Advisor to the CISO at LogRhythm, outline why your team may be experiencing more stress than ever before, the effect executive support has on your program and some indicators on how to alleviate some of the issues your team may be facing.
  • Mitigating the risks of insider threats with UEBA Recorded: Jul 15 2020 60 mins
    Ashok Chokalingam CISSP, Senior Sales Engineer & Mohan Raj, Enterprise Sales Manager
    To avoid a data breach, your organisation must detect and respond quickly to anomalous activity. The Verizon Data Breach Investigations Report, 2017 states that user-based threats are on the rise:

    • 69% of organisations report incidents of attempted data theft — by internal threats.
    • 81% of breaches involve stolen or weak credentials.
    • 91% of firms report inadequate insider threat detection programs.

    User and entity behaviour analytics (UEBA) can help you monitor for known threats and behavioural changes in user data, providing critical visibility to uncover user-based threats that might otherwise go undetected.

    In this on-demand webinar, Mohan Raj and Ashok Chokalingam from our iMETA team at LogRhythm,l outline the various types of insider threats, the risk they pose to an organisation, the various contributors that may lead to this threat and how to identify and mitigate the risks.
  • Live demo - MITRE ATT&CK with LogRhythm Recorded: Jun 17 2020 46 mins
    Dan Crossley, Manager, Enterprise Sales Engineering, LogRhythm
    This product demo follows the MITRE ATT&CK session available on our BrightTALK channel. Watch this on-demand technical demonstration to hear how the LogRhythm platform can help you align to the MITRE ATT&CK framework.
  • MITRE ATT&CK 2020: An update in SIEM alignment Recorded: Jun 17 2020 41 mins
    Andrew Hollister, Senior Director, LogRhythm Labs Security, LogRhythm
    In this on-demand webinar Andrew provides an overview of how security professionals and the businesses that employ them can benefit from integrating the MITRE ATT&CK framework into their SIEM. He also expands on how feeding data from a wide set of technologies including endpoint detection and response (EDR), antivirus/anti-malware, intrusion detection/prevention systems (IDS/IPS), and other products can help businesses get the most out of their SOCs.
  • Live demo - Threat hunting with LogRhythm Recorded: Jun 17 2020 44 mins
    Jake Anthony, Enterprise Sales Engineer, LogRhythm
    Threat hunting refers to the process of proactively searching for advanced threats that may have eluded security systems. In other words, going after the ones that slipped through the net.

    In this on-demand session, you will learn some practical threat hunting tips and tricks using the LogRhythm NextGen SIEM Platform.
  • Logging & threat detection in the cloud: AWS, GCP, Microsoft Azure & Office 365 Recorded: Jun 17 2020 44 mins
    Dan Crossley, SE CISSP, LogRhythm
    The momentum behind the growth of cloud services is unstoppable, as businesses seek software, applications, and infrastructure that are more flexible and cost-effective. According
    to analysts, nearly half of all application spend is now invested in cloud services, and this cloud-first trend is only going in one direction.

    In this on-demand technical webinar LogRhythm’s Daniel Crossley outlines logging and threat detection strategies within cloud environments, including Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure and Office 365.

    The session covers:
    • Logging: An overview of cloud logging mechanisms
    • Log ingestion: Log collection from cloud environments
    • Analytics: Threat detection use cases for cloud environments

    The aim of this session is to give you a better understanding of logging and threat detection in cloud environments.
  • Maximising the productivity of your SOC with UEBA and SOAR Recorded: Jun 16 2020 44 mins
    Ed Carolan, Manager, Enterprise Sales Engineering
    If your team is struggling with resource constraints, you’re probably facing longer-than-ideal response times. This puts your organisation at risk. In this on-demand webinar Ed Carolan, Manager, Enterprise Sales Engineering, outlines how you can maximise the benefits of time optimisation and reduce the burden on your team with SOAR and UEBA.

    Understand how you can:
    • Leverage UEBA and SOAR to increase automation within the SOC
    • Enable team collaboration and workflow automation
    • Arm your analysts to be more effective in their work
    • Increase the ROI from your SIEM
  • Cybersecurity: A CISO’s perspective Recorded: Jun 16 2020 60 mins
    Martin Smith MBE,Founder The SASIG; James Carder, CSO, VP LogRhythm Labs; Craig Goodwin,CTRO Fujitsu; Michael Strong,CISO GCI
    Watch our Q&A panel session to gain insight into how James Carder, LogRhythm CISO and our guest speakers build and maintain a cybersecurity culture at their organisations, how they manage board-level reporting, exec-level relationships, and how they achieve their goals as a security leader, while appealing to the board’s mission and the core mission of their business.

    Moderated by Martin Smith MBE, Chairman & Founder, The Security Awareness Special Interest Group (SASIG)

    You’ll hear:
    - Key metrics you can use to show the value of you security operations/program
    - Actionable tips to get board-level support for your security program
    - How to use a security maturity model to map your risk reduction over time
    - How to achieve and present cost predictability
Build your security operations centre on a strong foundation
We know your job isn’t easy. That’s why we combine log management, machine learning, SOAR, UEBA, and NDR to give you broad visibility across your environment so you can quickly uncover threats and minimise risk.

But a mature SOC doesn’t just stop threats. With LogRhythm, you’ll easily baseline your security operations program and track your gains — so you can easily report your successes to your board.

Hear best practices, see technology demos, listen to speaker panels on our European BrightTALK channel.

Visit our website for more information:

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Five practical use cases to enhance threat detection and response
  • Live at: May 7 2020 9:00 am
  • Presented by: Jake Anthony, Systems Engineer and Simon Hamilton, Client Manager, LogRhythm
  • From:
Your email has been sent.
or close