Identity Protection: A Key Element for Modern Threat Hunters

Presented by

Andrew Harris (Sr. Director, Public Sector Technology Strategy), Phil Meneses (Regional Sales Engineer)

About this talk

While companies have embraced more endpoint and multifactor authentication (MFA) solutions in their security architecture, they don’t always see incidents as they happen — especially those involving service accounts and lateral movement. Recent attacks targeting identity and supply chain automation have made it clear that the next level of preparedness and risk mitigation must include reviewing and strengthening identity security tools.

“Defense in depth” means finding the right controls from the endpoint all the way to the domain controller, but most security stacks are missing identity controls beyond an MFA checkbox. In addition, Golden SAML attacks such as those seen in Sunburst show that MFA isn’t a silver bullet, either. Good security requires not only automated responses to threats as they arise, but also deterministic threat detection (i.e., signature matching) and behavior anomaly detection (i.e., user/credential live actions). Our experts will demonstrate CrowdStrike Falcon® identity protection products that achieve both.

Demo 1: Falcon Identity Threat Detection
• Insights and analytics across your enterprise
• Seeing live threats and events as they happen — no logs!
• Threat hunting: can it be the “easy” button?

Demo 2: Falcon Zero Trust
• Seeing Zero Trust policy challenges against live events
• Integrating with MFA and SSO to extend the reach of each into legacy and the cloud alike
• Adding security without making employees miserable

CrowdStrike™ is a leading provider of next-generation endpoint protection, threat intelligence, and pre- and post-incident response services. CrowdStrike Falcon is the first true Software as a Service (SaaS) based platform for next-generation endpoint protection that detects, prevents, and responds to attacks at any stage, even malware-free intrusions.