Investigate East-West Attack Activities to Defend Critical Assets: A SANS Review

Logo
Presented by

Dave Shackleford, SANS Instructor and Founder of Voodoo Security; Barbara Kay, Sr Director of Security Product Marketing

About this talk

This SANS Institute review evaluates the ExtraHop Reveal(x) product and its ability to support detection, investigation and response for these late-stage attack activities. Reviewer Dave Shackleford puts ExtraHop Reveal(x) through its paces using a use case of an outside attacker who has compromised an internal system. The attacker is scanning the network, trying to gain access to a file share through brute force, pulling down data and exfiltrating that data. How does Reveal(x) perform in this scenario? Attendees at this webcast will learn about the role of machine learning in detecting and responding to threats and see how ExtraHop Reveal(x) can: - Assist in investigating incidents - Provide proactive threat hunting - Help with security hygiene and compliance - Integrate with other tools
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (190)
Subscribers (11577)
The prevention and protection model of cybersecurity isn’t working: between the cloud, IoT, and the sheer pace of change, the enterprise is no longer built to be walled in. This channel provides educational webinars to help SecOps (SOC) and NetOps (NOC) teams, from CIOs and CISOs to analysts and practitioners, change their perspective in order to identify, investigate, and respond to threats across the modern attack surface. We explore how cloud-native network detection and response (NDR) provides the complete visibility, real-time threat detection, and intelligent response you need to secure your hybrid environment. You’ll also find product information about ExtraHop Reveal(x) which enables you to: Eliminate blind spots: Cover 100% of your hybrid environment, Detect what matters: Find threats 95% faster, and Act quickly: Respond to breaches 70% faster. Learn more at www.extrahop.com