Hi [[ session.user.profile.firstName ]]

Beyond Malware: How to Detect and Respond to Malware-Free Intrusions

What do you do when adversaries don’t use any malware or exploits? We will show how to deal with malware-free intrusions; how to detect, prevent, attribute and respond. This session will feature techniques we’ve observed in the field, from the stealthiest adversaries who leave no malware footprints behind. We will demonstrate a live attack and show how CrowdStrike’s next-generation endpoint protection solution, Falcon Host, can detect the activity in real-time and provide relevant countermeasures for protection and response.
In this session, you will learn how to:
•Determine whether advanced adversaries have gained a foothold in your organization without using malware
•Identify and observe adversary’s lateral movement to understand what they want and who they are targeting in your organization
•Gain the ability to record and reconstruct an incident completely to understand what systems and data the adversary has touched
Recorded Oct 28 2015 53 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Dmitri Alperovitch, CTO and Cofounder; CrowdStrike and Elia Zaitsev, Principal Solutions Architect; CrowdStrike
Presentation preview: Beyond Malware: How to Detect and Respond to Malware-Free Intrusions

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Hand to Hand Combat with an Advanced Attacker Recorded: Jun 14 2017 59 mins
    Zeki Tured, Senior Systems Engineer, CrowdStrike
    Learn new attack techniques that have been uncovered by CrowdStrike’s threat hunting and incident response teams including: initial attack vectors, persistence, lateral movement and data exfiltration techniques. See new techniques for dealing with malware, ransomware, spearphishing, exploits and malware-free intrusions. Leave knowing how to identify and stop advanced threat activity in your environment.

    Learning Outcomes:

    - How nation-state threats are crafted and how their Tactics, Techniques, and Procedures (TTPs) help identify them from more routine advanced attacks
    - Who are the most notable adversaries in 2017 and the key European security themes based on the latest intelligence compiled across CrowdStrike’s global intelligence gathering operation
    - What are the indicators of attack and how you can apply them to defeat the adversary?
  • Is Ransomware Morphing Beyond the Ability of Standard Approaches to Stop It? Recorded: May 2 2017 60 mins
    Dan Brown, Detection Architect at Crowdstrike
    Ransomware continues to evolve as perpetrators develop new exploits with consequences that can be dramatic and immediate. New super strains go beyond holding files hostage. In Austria, ransomware was used to take over a hotel’s keycard system so guests were locked out of their rooms. Researchers have developed strains that can alter programmable logic controller (PLC) parameters with the potential to throw major mechanical systems into chaos. New defense approaches are needed because organizations can no longer rely on backups and conventional security solutions to protect them. Join CrowdStrike Senior Security Architect Dan Brown as he explains why conventional security isn’t working, and reveals recent innovations – including new Indicator of Attack (IOA) behavioral analysis methodologies – to successfully detect and prevent even the most complex “file-less” ransomware exploits.
    Attend this CrowdCast where Dan will discuss:

    ● The challenges of defending against dangerous new variants, such as Russian roulette-style ransomware that encrypts data in stages, or the use of “known good” programs such as the WinRar data compression tool to implement ransomware

    ● Real-world examples of ransomware in action and how different approaches fare against each type of exploit

    ● How the CrowdStrike Falcon cloud-delivered platform can defend your organization against new super strains of ransomware that use sophisticated malware-free tactics

    Dan Brown
    Crowdstrike, Detection Architect
    Dan is a 15-year veteran of the cybersecurity industry with a career that spans contributions to DARPA, NASA, and other government agencies, as well as several successful private-sector startups. At CrowdStrike, Dan engages in research to support ever evolving detection and prevention technology.
  • Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting Recorded: May 2 2017 47 mins
    Christopher Witter, Senior Manager, Falcon OverWatch at CrowdStrike
    Is your IT security team suffering from alert fatigue? For many organizations, chasing down every security alert can tax an already overburdened IT department, often resulting in a breach that might have been avoided. Adding to this challenge is an increase in sophisticated threats that strike so fast and frequently, traditional methods of investigation and response can’t offer adequate protection.

    A new webcast from CrowdStrike, “Proactive Threat Hunting: Game-Changing Endpoint Protection Above and Beyond Alerting,” discusses why so many organizations are vulnerable to unseen threats and alert fatigue, and why having an approach that is both reactive and proactive is key. You’ll also learn about Falcon OverWatch™, CrowdStrike’s proactive threat hunting service that investigates and responds to threats immediately, dramatically increasing your ability to react before a damaging breach occurs.

    Register for this webcast to learn:

    • How constantly reacting to alerts prevents you from getting ahead of the potentially damaging threats designed to bypass standard endpoint security

    • Why an approach that includes  proactive threat hunting, sometimes called Managed Detection and Response, is key to increasing protection against new and advanced threats  
     
    • How CrowdStrike Falcon OverWatch can provide 24/7 managed threat hunting, augmenting your security efforts with a team of cyber intrusion detection analysts and investigators who proactively identify and prioritize incidents before they become damaging breaches

    About the Speaker
    Christopher Witter
    Senior Manager Falcon OverWatch, CrowdStrike

    Christopher Witter leads CrowdStrike’s Managed Hunting Service, OverWatch. He has over 15 years in incident response and information security and he’s previously held senior roles on Computer Security and Incident Response Teams (CSIRT) at both a top five global bank and a top ten defense contractor.
  • How to Replace Your Legacy Antivirus Solution Recorded: Apr 6 2017 62 mins
    Dan Larson, Sr. Director of Technical Marketing, CrowdStrike
    Legacy AV products are failing to stop modern threats. That’s why AV replacement is a hot topic in the industry and why enterprises in every sector are looking for answers. As breaches continue to dominate the headlines, you need to know that there is a new approach that can close the wide security gap left by yesterday’s AV solutions. Defending against today’s sophisticated polymorphic threats requires new weapons and that’s just what the CrowdStrike Falcon Platform delivers.

    The key to this new approach is going beyond malware to addressing the most complex and persistent cyber threats at every stage of the kill chain. CrowdStrike does this by combining next-gen antivirus, endpoint detection and response (EDR), and a managed threat hunting service – all cloud-delivered with a single lightweight agent.

    In this CrowdCast, Dan Larson, Sr. Director of Technical Marketing, will discuss:

    • The typical challenges with legacy antivirus, from efficacy to complexity & bulky architecture

    • How CrowdStrike stands above competitive offerings by providing robust threat prevention leveraging artificial intelligence and machine learning

    • How Falcon’s lightweight sensor and cloud architecture dramatically reduces operational burden

    • How you can seamlessly migrate from legacy antivirus to CrowdStrike Falcon

    • Why CrowdStrike was positioned as a “Visionary” in the 2017 Gartner Magic Quadrant for Endpoint Protection Solutions and what it says about our standing as an effective AV replacement
  • Cloud-Enabled: The Future of Endpoint Security Recorded: Mar 3 2017 64 mins
    Jackie Castelli CrowdStrike, Sr. Product Manager
    As the cost and complexity of deploying and maintaining on-premises security continues to rise, many endpoint security providers have embraced the cloud as the ideal way to deliver their solutions. Yet, incorporating cloud services into legacy architectures limits their ability to fully engage the tremendous power the cloud offers.

    CrowdStrike Falcon recognized the value of cloud-delivery from the beginning, developing architecture built from the ground up to take full advantage of the cloud. CrowdStrike’s cloud-powered endpoint security not only ensures rapid deployment and infinite scalability, it increases your security posture by enabling real-time advanced threat protection across even the largest, distributed enterprises.

    In this CrowdCast, Jackie Castelli, Sr. Product Manager will discuss:

    • The advantages of endpoint protection purpose-built for the cloud – why it allows you to take full advantage of the cloud’s power

    • The common concerns organizations face when evaluating cloud-based endpoint security - can privacy and control be assured?

    • Real-world examples demonstrating the unique advantages offered by CrowdStrike Falcon’s innovative cloud-powered platform


    About the Speaker:

    Jackie Castelli
    CrowdStrike, Sr. Product Manager

    Jackie Castelli, CISSP, has over 20 years of experience in the cybersecurity industry. She has gained practical security experience in her roles as a security architect and data center manager. As a senior product marketing manager for CrowdStrike, she is responsible for educating the market about Falcon Host, CrowdStrike’s next-generation endpoint protection. Prior to CrowdStrike, Jackie worked in technical roles in pre-sales, IT and support. Jackie frequently speaks on cyber security topics at executive briefings and industry events.
  • Battling Unknown Malware With Machine Learning Recorded: Feb 13 2017 58 mins
    Dr. Sven Krasser, Chief Scientist, CrowdStrike
    Learn about the first signature-less engine to be integrated into VirusTotal

    CrowdStrike recently made headlines by announcing that it is the first machine learning-based engine to be integrated into VirusTotal. VirusTotal is the premier nexus where all reputable AV vendors transparently publicize their detection results and share malware data for the greater good. The addition of CrowdStrike’s advanced machine learning engine to this anti-malware industry staple is a major leap forward for users who rely on VirusTotal capabilities to help defend their endpoints.

    In this live CrowdCast, CrowdStrike’s Chief Scientist Dr. Sven Krasser offers an exclusive look “under the hood” of this unique machine learning engine, revealing how it works, how it differs from all other signature-based engines integrated into VirusTotal to date, and how it fits into the larger ecosystem of techniques used by CrowdStrike Falcon to keep endpoints and environments safe.

    Topics will include:

    •What CrowdStrike Falcon machine learning is and how it works
    •How to interpret results of machine learning-based threat detection
    •How users can benefit from the CrowdStrike Falcon machine learning engine
    •How this cutting-edge technology fits into the CrowdStrike Falcon breach prevention platform


    Featured Speaker:

    Dr. Sven Krasser
    Chief Scientist, CrowdStrike

    Dr. Sven Krasser is a recognized authority on network and host security. He currently serves as Chief Scientist for CrowdStrike, where he oversees the development of endhost and cloud-based Big Data technologies. Previously, Dr. Krasser was at McAfee where he led the data analysis and classification efforts for TrustedSource. He is the lead inventor of numerous key patented and patent-pending network and host security technologies and is the author of numerous publications on networking and security technologies.
  • Lessons from the Trenches: Cyber Intrusion Casebook Revealed Recorded: Dec 9 2015 70 mins
    Wendi Whitmore, VP CrowdStrike Services; Andy Schworer, Principal Consultant; and Brandon Finney, Principal Consultant
    Learn important lessons gleaned from real-life engagements, detailing the tools and techniques advanced attackers use to compromise victim networks, and strategies the CrowdStrike Services team has devised to combat and even prevent these attacks from occurring.

    You will learn:

    - New tactics attackers are using to gain and maintain access to victim networks
    - How quickly adversaries attempt to re-infect an organization
    - Remediation tactics and tools you can use to remove attackers from your network
    - Proactive steps you can take to improve your success in detecting, preventing and responding to targeted attacks
  • Should I Really Trust the Cloud with my Endpoint Security Protection? Recorded: Nov 11 2015 49 mins
    Dave Cole, Chief Product Officer, CrowdStrike
    In architecting true next generation endpoint protection, CrowdStrike made a deliberate decision to embrace the Cloud. Why? The Falcon platform was built by people fed up with the limitations of building on-premise products, who realized that ‘Cloud-supported’ wasn’t enough. Only an endpoint security product designed from the ground-up to be based on the Cloud would work.
    In this session you will learn:
    • Why the Cloud provides the scale, resources and power to protect you
    • The privacy, security, control and legal issues to be considered in using the Cloud for endpoint security
    • Why the Cloud-based Falcon endpoint protection platform is the right decision for your organization.
  • What’s Next in Endpoint Defense? Recorded: Oct 30 2015 61 mins
    Dmitri Alperovitch, CTO and Cofounder, CrowdStrike; Renee Guttmann, VP for Info Risk, Optiv; Rafal Los, Dir, Sol Researc,Opti
    Join executives from CrowdStrike and Optiv in a lively panel discussion on why signature-focused, alert-centric reactive model for endpoint security tools must evolve to meet the growing productivity needs of the enterprise in an increasingly hostile threat environment. Find out how the next generation in endpoint protection is helping some of the world’s top organizations fill the gaps left by their existing security solutions.
    Join us and you will learn:
    •Why existing leading security strategies barely address 40% of today’s enterprise data breaches.
    •Learn the must-have capabilities and features of a successful endpoint security solution strategy.
    •How one Fortune 100 financial firm deployed an entirely cloud-based NGE solution to radically improve its security posture.
  • Beyond Malware: How to Detect and Respond to Malware-Free Intrusions Recorded: Oct 28 2015 53 mins
    Dmitri Alperovitch, CTO and Cofounder; CrowdStrike and Elia Zaitsev, Principal Solutions Architect; CrowdStrike
    What do you do when adversaries don’t use any malware or exploits? We will show how to deal with malware-free intrusions; how to detect, prevent, attribute and respond. This session will feature techniques we’ve observed in the field, from the stealthiest adversaries who leave no malware footprints behind. We will demonstrate a live attack and show how CrowdStrike’s next-generation endpoint protection solution, Falcon Host, can detect the activity in real-time and provide relevant countermeasures for protection and response.
    In this session, you will learn how to:
    •Determine whether advanced adversaries have gained a foothold in your organization without using malware
    •Identify and observe adversary’s lateral movement to understand what they want and who they are targeting in your organization
    •Gain the ability to record and reconstruct an incident completely to understand what systems and data the adversary has touched
  • The Importance of Achieving True Endpoint Visibility Recorded: Oct 19 2015 7 mins
    Elia Zaitsev, CrowdStrike Security Architect
    Learn why true endpoint visibility is so important and what blind spots you may have. We will also show you how Falcon Host provides you with true end-to-end visibility into endpoint activity on your network, allowing you to keep adversaries out of your environment. In this video, CrowdStrike Principal Security Architect Elia Zaitsev demonstrates how Falcon Host eliminates blind spots in your endpoint monitoring, providing you with the speed, scale, detail and context you need to secure your networks against even the most advanced attacks.
Insightful, education and actionable content for security teams
CrowdStrike™ is a leading provider of next-generation endpoint protection, threat intelligence, and pre- and post incident response services. CrowdStrike Falcon is the first true Software as a Service (SaaS) based platform for next-generation endpoint protection that detects, prevents, and responds to attacks, at any stage - even malware-free intrusions.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Beyond Malware: How to Detect and Respond to Malware-Free Intrusions
  • Live at: Oct 28 2015 3:00 pm
  • Presented by: Dmitri Alperovitch, CTO and Cofounder; CrowdStrike and Elia Zaitsev, Principal Solutions Architect; CrowdStrike
  • From:
Your email has been sent.
or close