Name: Threat Hunting Log4j Exploits with Falcon OverWatch
Start: 2022-02-22T16:30:00Z
End: 2022-02-22T16:30:59.000Z
Location: BrightTALK
Rating: 4.5

CrowdStrike has redefined security with the world’s most advanced cloud-native platform for protecting critical areas of risk — endpoints and cloud workloads, identity, and data. The Falcon® platform harnesses real-time threat intelligence and enterprise telemetry to automate threat prevention, detection, remediation, hunting, and vulnerability observability through a single, intelligent, lightweight agent.

Building a resilient, mature cybersecurity program is no easy task. Many organizations are stuck in a reactive state of detecting, investigating, and responding to incidents, with no time to focus on their future strategy.

Watch our CrowdCast to discover how CrowdStrike Services can help transform a struggling security program into a mature, proactive, and robust defense system.

You’ll learn:

• Where security programs fall short, including governance strategies
• Building a more mature, capable security program
• Critical steps to establish a long-term strategy and resilience
• How CrowdStrike Services delivers a structured maturity journey for our customers

From Reactive to Proactive: Transforming Your Cybersecurity Program

Adversaries are moving faster than ever. Is your security team keeping up? 

Legacy security information and event management (SIEM) tools are drowning teams in data, complexity, and rising costs. It’s time for a new approach. Join CrowdStrike and John Sapp, CISO of Texas Mutual, to learn how Texas Mutual streamlined SIEM tools, cut costs, and improved visibility. Discover strategies to overcome SIEM challenges and future-proof your SOC with AI-powered speed and automation.

What you’ll take away:
• Learn how Texas Mutual transformed their SOC with Falcon Next-Gen SIEM
• Strategies to remove the burden of legacy SIEM and modernize your SOC
• How Falcon Next-Gen SIEM helps you stay ahead of modern threats and empowers security teams through speed, AI, and automation

2025 Cybersecurity Trends: CISO Perspectives: Modernizing Your SOC with Next-Gen SIEM

Security teams around the world are embracing the game-changing potential of generative AI (GenAI) in the SOC, but its ultimate value is achieved when GenAI is part of an integrated security platform that unites speed, scale, and strategy.

In this session, we’ll reveal how platform-based AI elevates security operations, enabling teams to outpace machine-speed attacks and tackle threats like never before. Get exclusive insights from the CrowdStrike State of AI in Cybersecurity Survey, based on input from over 1,000 security professionals, to learn how your peers are adopting and leveraging GenAI.

What you’ll take away:
• Why 80% of security teams demand that GenAI be delivered through a bigger platform1
• The must-have capabilities of GenAI for security
• Real use cases to modernize your SOC with GenAI and stay ahead of evolving threats

2025 Cybersecurity Trends: Harnessing the Power of GenAI with a Platform-Centric Approach

Join us for an exclusive webinar series where CrowdStrike's expert speakers reveal cutting-edge strategies to combat cross-domain attacks. Learn how to achieve unparalleled visibility and rapid response across your entire attack surface. Gain insider knowledge to stay ahead of evolving threats and strengthen your organization's security posture.

Explore our comprehensive sessions below and elevate your cybersecurity expertise: 

Threat Briefing 

The Rise of Cross-Domain Attacks and Adversary Spotlight:
Adam Meyers, CrowdStrike SVP of Counter Adversary Operations, will cover the rapidly emerging global threat trend of cross-domain attacks and detail the adversaries who conduct them, including PUNK SPIDER and SCATTERED SPIDER.

Solution Showcase and Live Demo 

Unified AI-Native Cybersecurity Platform:
Hear from CrowdStrike's Office of the CTO for a tour and live demo of how the CrowdStrike Falcon® platform detects and stops cross-domain attacks with unmatched threat visibility and speed.

Adaptive Shield CEO Briefing

Extending Cross-Domain Protection to SaaS Applications with Adaptive Shield:
Learn how CrowdStrike’s recent acquisition of Adaptive Shield will deliver comprehensive protection across domains, now including SaaS applications. Hear from Maor Bin, Adaptive Shield’s CEO and Co-Founder, as he explains how the rapid adoption of SaaS applications has created a new attack surface to defend.

Fireside Chat

The Power of the Ecosystem in Cross-Domain Security:
CrowdStrike and Fortinet will discuss a new strategic partnership that extends our collective innovation and leadership to stop modern attacks on endpoints, networks, and beyond.

Security Perspectives

Putting Cross-Domain Security into Practice:
As adversaries target multiple domains to evade detection, a unified security strategy is essential. Learn how CrowdStrike customers are tackling this evolving threat.

The Rise of Cross-Domain Attacks: Stop Attacks Across Endpoint, Identity, and Cloud

To prevent cyberattacks against your healthcare organization, it’s essential to transform your SOC. Modern adversaries operate at lightning speed, with some attacks unfolding in as little as two minutes. With 70% of critical incidents taking over 12 hours to resolve, legacy SIEMs are no longer equipped to handle today’s rapidly evolving threat landscape.  

The modern SOC requires next-gen SIEM technology that’s designed to provide total threat visibility and precise detection that covers all data sources to protect every user and asset. 
Watch this on-demand session where healthcare executive strategists Todd Felker and Wael Younan discuss how AI is revolutionizing security operations and driving the advancement of SIEM technology.

In this webcast you will:
• Discover what it means to operate as an AI-native SOC
• Understand why legacy SIEMs are no longer viable for healthcare organizations
• Learn the benefits of AI-led threat hunting 
• Explore innovations around AI-generated parsers to expedite onboarding and setup
• Learn how to accelerate investigations and enhance decision-making with automated incident response actions

Harness the power of AI: Modernize your healthcare system’s SOC with next-gen SIEM

Five of the top 10 MITRE ATT&CK® techniques observed from July 2023 to June 2024 were identity-based. As identity-based attacks become a critical threat in cloud environments, mastering an identity-centric security strategy is imperative.

Join us and Kevin Tsuei, SVP Information Security Officer at the Commercial Bank of California and Venu Shastri, Director of Product Marketing at CrowdStrike to learn why considering a unified identity protection strategy covering both on-prem Active Directory and cloud identity providers like Entra ID is critical to protecting against modern adversaries.

Main Takeaways:

• What is unified identity protection
• Hear the latest innovations on identity security from Fal.Con 2024
• Why CrowdStrike’s unique platform approach provides a better and more cost-effective solution against identity breaches spanning on-premises and cloud environments
• Listen to a real-world customer case study – Commercial Bank of California, covering best practices

Beyond Boundaries: Revolutionizing Identity Security from On-Premises Environments to the Cloud

Protecting endpoints remains one of the most critical security challenges organizations face today. According to CrowdStrike’s 2024 Threat Hunting Report, adversary exploitation of remote management and monitoring (RMM) tools surged 70%. This trend underscores the need for AI-powered modern endpoint protection, enabling security teams to rapidly detect and disrupt ransomware and stealthy cross-domain attacks, and outpace adversaries.

Join us for an exclusive virtual event featuring Erik Hart, CISO of Cushman & Wakefield, alongside CrowdStrike experts, as we discuss endpoint security trends and how CrowdStrike was recently named a Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms for the fifth consecutive year.

Event highlights include:

• Understand the endpoint security trends, innovations, and market positioning evaluated in the 2024 Gartner® Magic Quadrant™ for EPP and why CrowdStrike was positioned both furthest to the right for Completeness of Vision and highest for Ability to Execute.

• See how CrowdStrike is innovating to address the evolving security needs of modern enterprises from endpoint security to identity protection, cloud security, IT automation, next-gen SIEM, and more.

• Learn about CrowdStrike’s latest groundbreaking AI innovations that help security teams combat rapidly evolving adversaries.

• Hear from CrowdStrike customer Cushman & Wakefield, a global leader in commercial real estate services, how they partnered with CrowdStrike to secure critical operations.

Redefining Endpoint Security to Stop Modern Cyberattacks: Insights from the 2024 Gartner® Magic Quadrant™ for EPP

As the holiday season approaches, small businesses face a heightened risk of cyber threats. In 2023, the CrowdStrike eCrime Index saw a 30% spike just before the start of the holiday season. This webinar is designed to equip you with the knowledge and tools needed to help safeguard your business from ransomware, credential theft and other cyber crimes. Join us to learn from our industry experts, Kurt Baker and Dana Larson, about the latest eCrime trends, practical security measures and best practices for keeping your business and customer data secure. Don’t let cybercriminals ruin your holiday cheer — register now to protect your business during this critical time!

Key takeaways:
- Learn about common threats like phishing, ransomware, credential theft, payment-system attacks and consumer focused scams
- Discover actionable next steps you can take to prepare your business for the rise in eCrime
- See how CrowdStrike can protect you around the clock during the holiday rush

Protect Your Small Business From Cyber Threats This Holiday

With the relentless evolution of cyber threats and the complexity of managing dispersed data across multiple platforms, Cribl and CrowdStrike have joined forces to simplify the way organizations protect themselves. By harnessing the power of Cribl— the Data Engine for IT and Security— and CrowdStrike Falcon® Next-Gen SIEM, we’re turning the chaos of diverse and dispersed data into clarity. This partnership ensures your security team spends less time wrestling with data and more time focusing on defending against threats.

In this session, join Ed Bailey, Principal Technical Evangelist at Cribl, and Shivan Jairaj, Regional Director for NG-SIEM & Falcon Complete, APJ at CrowdStrike, to hear key insights and practical tips for architecting an effective data engine to fuel the next-gen SIEM.

Accelerating the AI-native SOC with CrowdStrike Next-Gen SIEM and Cribl

Get the highlights from one of the most popular breakout sessions at Fal.Con 2024.

Fal.Con 2024 Bonus Content: Defend Against Real-Time Threats in Your Microsoft Identity Environment

Fal.Con 2024 Bonus Content: From the IR Front Lines: Observations, Trends and Countermeasures

Fal.Con Bonus Content: 2024 Global Threat Landscape and Latest Product Innovations

CrowdStrike CTO Elia Zaitsev reveals how CrowdStrike’s cutting-edge AI innovations are supercharging the security analyst's workflow.

From Data to Defense: AI Innovations Transforming the Analyst's Journey | Fal.Con 2024

CrowdStrike President Mike Sentonas showcases how CrowdStrike is delivering the innovation needed to stop breaches and ensure cyber resilience.

Part 2 - Unleashing Innovation: Solving Cybersecurity’s Complexity Problem | Fal.Con 2024

CrowdStrike President Mike Sentonas sets the stage for CrowdStrike SVP of Counter Adversary Operations, Adam Meyers, to deliver a can't-miss threat briefing.

Part 1 - Unleashing Innovation: Solving Cybersecurity’s Complexity Problem | Fal.Con 2024

NVIDIA’s Chief Security Officer David Reber and CrowdStrike’s Chief Business Officer Daniel Bernard explore the evolving AI threat landscape and highlight the importance of securing AI from development to deployment.

Securing the Future of Generative AI | Fal.Con 2024

CrowdStrike Founder and CEO George Kurtz outlines Resilient-by-Design, a vision for a more secure and resilient global ecosystem in an increasingly interconnected world.

Resilient by Design | Fal.Con 2024

Ransomware attacks have evolved. Armed with stealthy, sophisticated malware, today’s ransomware is difficult to detect and even more challenging to halt. Today, 75% of attacks are malware free and impossible for legacy solutions to detect.
Ransomware attacks pose a significant threat to your business, your reputation, and the trust of your customers. Traditional antivirus and endpoint protection measures are no longer sufficient.
Join CrowdStrike for this exclusive event to:
● Gain insights into the evolving nature of ransomware.
● Recognize the limitations of traditional security tools that leave you vulnerable in today’s threat landscape.
● Watch a demo of the latest antivirus and modern endpoint security solutions that will keep you ahead of cybercriminals and ransomware attacks.

Defending Against Evolving Ransomware Attacks: Modern Security that Stays Ahead of the Adversary

Since the initial disclosure of Log4j, the OverWatch team, CrowdStrike’s elite team of threat hunters, has maintained around-the-clock vigilance, tracking the evolution of the Log4j threat, and developing techniques to uncover stealthy attempts to exploit it.

Join our OverWatch experts for a summary of the team’s threat hunting insights. You’ll get a real-world view from the experts on the front lines and gain insights you can use to kickstart your own Log4j threat hunting efforts.

Join this CrowdCast to hear more about:

• A look at the Log4j vulnerability through the eyes of elite threat hunters
• Case studies providing insights into how adversaries are carrying out their campaigns in the wild
• Ideas for suggested threat hunting techniques you can put into action in your own environment

Threat Hunting Log4j Exploits with Falcon OverWatch

Cyber Security

Cyber Attacks

Cyber Crime

Cyber Incident Response

Incident Response

Threat Detection

Threat Defence

IT Security

Endpoint Security

Welcome to the mobile computing community on BrightTALK! With the consumerization of IT and the widespread adoption of mobile devices across the globe, mobile computing has become an important part of many people's lives in a culture of bring your own device (BYOD). With mobile devices doubling as work phones and more employees working from home, businesses need to provide secure access to data and work applications from anywhere at any time. Join this growing community and hear from industry thought leaders in webinars and videos as they share their insight on mobile computing research and trends.

Mobile Computing

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Threat Hunting Log4j Exploits with Falcon OverWatch

Presented by

About this talk

More from this channel