Identity Protection: A Key Element for Modern Threat Hunters

Presented by

Andrew Harris (Sr. Director, Public Sector Technology Strategy), Phil Meneses (Regional Sales Engineer)

About this talk

While companies have embraced more endpoint and multifactor authentication (MFA) solutions in their security architecture, they don’t always see incidents as they happen — especially those involving service accounts and lateral movement. Recent attacks targeting identity and supply chain automation have made it clear that the next level of preparedness and risk mitigation must include reviewing and strengthening identity security tools.

“Defense in depth” means finding the right controls from the endpoint all the way to the domain controller, but most security stacks are missing identity controls beyond an MFA checkbox. In addition, Golden SAML attacks such as those seen in Sunburst show that MFA isn’t a silver bullet, either. Good security requires not only automated responses to threats as they arise, but also deterministic threat detection (i.e., signature matching) and behavior anomaly detection (i.e., user/credential live actions). Our experts will demonstrate CrowdStrike Falcon® identity protection products that achieve both.

Demo 1: Falcon Identity Threat Detection
• Insights and analytics across your enterprise
• Seeing live threats and events as they happen — no logs!
• Threat hunting: can it be the “easy” button?

Demo 2: Falcon Zero Trust
• Seeing Zero Trust policy challenges against live events
• Integrating with MFA and SSO to extend the reach of each into legacy and the cloud alike
• Adding security without making employees miserable

CrowdStrike has redefined security with the world’s most advanced cloud-native platform for protecting critical areas of risk — endpoints and cloud workloads, identity, and data. The Falcon® platform harnesses real-time threat intelligence and enterprise telemetry to automate threat prevention, detection, remediation, hunting, and vulnerability observability through a single, intelligent, lightweight agent.