Doing XDR Right: What It Is and What it Can Do for Your Organization

XDR (Extended Detection and Response) promises to unite and integrate security tools focused on threat protection, detection and response, creating a single megasolution. Such an approach could yield significant benefits for an organization. Join ExtraHop and (ISC)2 on January 28, 2021 at 1:00PM Eastern for an examination of the costs and benefits of this strategy, a discussion of use cases, as well as:

• How to avoid vendor lock-in while still getting the best security tools available

• What XDR is, and what it isn't, including which data sources and security tools are typically included in XDR offerings, and how they work together.

• The advantages and disadvantages of Best of Breed vs. Single Vendor detection and response strategies.
Recorded Jan 28 2021 59 mins
Presented by
Chase Snyder Sr. Prod Mktg Mgr, ExtraHop; Raj Goel, Brainlink; Lloyd Diernisse; B. Dunlap, Moderator
  • New Trends in Ransomware Response Recorded: Sep 10 2021 60 mins
    Sherri Davidoff, CEO, LMG Security // Don Shin, Sr. Product Marketing Manager, ExtraHop
    Ransomware has evolved. The emergence of ransomware-as-a-service and franchise models has fueled exponential growth in the cybercrime industry. Criminals are leveraging double and even triple-extortion, threatening to expose stolen data in addition to locking it up. All too often, ransomware is the last stage of a longer-term attack, where criminals lurk for weeks or even months in victim and supplier networks.

    Your response matters. In this fast-paced webinar, seasoned ransomware experts share their techniques for effectively containing and eradicating the adversary. We'll show you the latest ransomware in action, with videos and screenshots from actual cases, and discuss strategies for monitoring and recovering from a ransomware attack. We'll also cover mistakes to avoid and tactics for thwarting the stealthiest new threats. Join us and learn the critical steps you can take to keep a minor incident from becoming a major catastrophe.
  • 2021 Top New Attacks and Threat Report: Panel Discussion Recorded: Aug 31 2021 56 mins
    John Pescatore, Director of Emerging Security Trends, SANS Institute; Thomas Clavel, Director of Product Marketing, ExtraHop
    In the SANS 2021 Top New Attacks and Threat Report, John Pescatore and the panel will provide insight on the critical skills, processes and controls needed to protect their enterprises from these advanced attacks.
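  • Hybrid Security: Responding to Supply Chain Attacks Recorded: Aug 30 2021 61 mins
    藤田 達也, Senior Sales Engineer, ExtraHop

    - Methods for monitoring and controlling attack paths, and how to coordinate with suppliers
    - The value of network telemetry
    - Measures for analyzing the characteristics of supply chain attacks and improving security posture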

  • Accelerate Zero Trust Adoption Through Complete Visibility Recorded: Aug 26 2021 61 mins
    Tom Roeh, Sales Engineering Director, ExtraHop and Thomas Clavel, Director of Product Marketing, ExtraHop
    It's no surprise that Zero Trust initiatives are increasing in importance. The onslaught of advanced persistent threats, like ransomware, and the boom in hybrid workplaces are just two of the most common factors driving this demand. While the need for adopting Zero Trust is evident, the path to success is not.

    In this 45-minute webinar, you'll hear ExtraHop experts discuss important considerations for planning, implementing, operating, and securing a Zero Trust deployment.
    Insights include:
    - The vital role network data plays to deliver end-to-end visibility
    - How to have frictionless collaboration between NetOps, SecOps, and CloudOps teams throughout a Zero Trust rollout
    - You'll also learn practical steps you can take to achieve your Zero Trust goals more rapidly and with lower risk.
  • Curbing the Flow of Ransomware: Real or Pipe Dream? Recorded: Aug 19 2021 64 mins
    Mark Bowling, VP of Security Response at ExtraHop; Joe Franco, Sr. Program Manager at MeriTalk
    The Colonial Pipeline ransomware attack showed the American people that cybersecurity lapses can have real impacts on critical infrastructure safety and continuity across the nation. The attack cut the flow of fuel to the East Coast, and other high-profile ransomware attacks followed in recent weeks, leaving IT leaders wondering if the steady stream of news-making cyber events will ever cease.

    The idea that government and industry can stop ransomware and other escalating cyber threats isn’t a pipe dream, however.

    Watch this exclusive webinar to hear from experts at CISA, Juniper Networks, ExtraHop, and Ping Identity who will dive deep into:
    - Our nation’s current state of cybersecurity
    - The impact of the Biden administration cybersecurity executive order and infrastructure plan
    - How government and industry can coordinate to protect critical infrastructure from malicious cyber actors seeking financial reward or even more damaging outcomes

    The Federal push for better cybersecurity has become a national priority as a result of the Colonial Pipeline attack. We hope you can join us for this important conversation about securing our critical infrastructure.
  • Next-Gen Intrusion Detection Finally Delivers Compliance and Security Recorded: Aug 17 2021 50 mins
    Chris Krueger, Principal II - Solutions Engineering at Coalfire Systems; Aaron Davidson, Sr. Sales Engineer at ExtraHop
    Intrusion Detection Systems (IDS) rely on brittle signatures and are a time drain, frequently called an alert cannon. But IDS is still a major part of your PCI DSS and other compliance stacks. Unfortunately, today’s attackers prefer to step around IDS by focusing on your users’ weaknesses rather than vulnerability exploits that IDS watches for. You need a new approach that makes your intrusion detection budgets deliver more than just compliance: one that encompasses ML behavioral analysis, spots lateral movement, and identifies encrypted attacks. Finally, an NG-IDS against modern threats.

    Join ExtraHop security experts and Chris Krueger, from Coalfire Systems, Inc., to learn how Next-Gen intrusion detection technology can bridge IDS compliance and security gaps.
  • Detecting Advanced Persistent Threats in a World of Encrypted Traffic Recorded: Aug 12 2021 59 mins
    Jesse Munos, Tech. Mktg. Mgr., ExtraHop; Frans Schippers, Amsterdam Univ of Applied Science; Richard Tychansky, Sec Architect
    Cyber security doctrine established the need to encrypt data while in transit and at rest. Between 80% and 90% of Internet traffic is now encrypted, providing invaluable security benefits, but also limiting the SecOps team's ability to rapidly detect, investigate, and respond to security incidents. Join ExtraHop and (ISC)2 on August 12, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific for a roundtable discussion on the various approaches to overcoming the security concerns created by the proliferation of encryption technologies. We’ll also examine:

    · Why encryption of data in transit is critical to organizational security

    · The visibility gap created by encryption

    The benefits and limitations of:

    · Deep Packet Inspection

    · What TLS is and why it is important to be up-to-date

    · Encrypted Traffic Analytics

    · Decrypting Traffic (both in and out of band)
  • Cloud Security in Three Essential Steps Recorded: Aug 11 2021 38 mins
    Corey Quinn, Chief Cloud Economist, Duckbill Group and Mike Sanders, Sr. Cloud Security Engineer, ExtraHop
    Cybersecurity has never been easy, but as enterprises expand into the cloud, advanced threats and friction have followed close behind. While security teams like yours need the advantage over attackers, it’s not so easy when security tools struggle to match the scale and elasticity of the cloud.

    In this webinar, cloud security experts from ExtraHop will be joined by Corey Quinn of the Duckbill Group to discuss the three essential steps toward a secure cloud environment:
    · Know your datasource: Learn the benefits of logs vs agents vs network packets
    · Investigate and hunt threats: Learn the power of network forensics in the cloud
    · Detect and respond fast: Learn how to stop an attacker in their tracks
  • Monitoring Critical Cloud Workloads Recorded: Aug 9 2021 60 mins
    Bill Kleyman, Executive VP of Digital Solutions, Switch and Michael Sanders, Sr. Cloud Security Engineer, ExtraHop
    With the proliferation of cloud computing in the IT enterprise, and with companies moving more mission critical applications to the cloud, it’s important for the IT organization to provide a level of trust to the business that those workloads are being adequately monitored for security threats. And while many companies understand that need and are making strides, there are still too many situations where the inability to monitor in real time opens up the enterprise to damaging business results. In this webinar, our experts will discuss how to advance your ability to monitor critical workloads as they move about the various cloud platforms in your company.

    When you attend this webinar, you will learn:
    - Whether your current approach to monitoring access to sensitive data in the cloud is effective
    - How to determine if a specific access request or data transfer is standard – or malicious
    - Why it's important to develop KPIs for measuring the effectiveness of your cloud monitoring efforts
  • Reduce Time to Detect at Scale Using Network Detection and Response Tools Recorded: Aug 2 2021 50 mins
    John Pescatore, Director of Emerging Security Trends, SANS Institute; Lee Chieffalo, Technical Director, Viasat
    Ransomware attacks have increased the need for security operations to reduce time to detect and mitigate threats and restore connectivity. An efficient way of achieving these objectives is for NetOps and SecOps to use common tools that support insight into performance issues and security-relevant changes and anomalies.

    In this SANS WhatWorks webinar, John Pescatore speaks with Lee Chieffalo to get details on VIASAT’s selection, deployment, and experience of using ExtraHop Reveal(x). They’ll also discuss lessons learned, best practices, and answer questions to gain deeper insight.
  • Accelerate Zero Trust Adoption Through Complete Visibility Recorded: Jul 29 2021 63 mins
    Tom Roeh and Pat Park
    It's no surprise that Zero Trust initiatives are increasing in importance across federal, state, and local government institutions. New cybersecurity mandates and a boom in remote work due to COVID-19 are just two of the most common factors driving this demand. While the need for adopting Zero Trust is evident, the path to success is not.

    In this 45-minute webinar, you'll hear experts on ExtraHop’s Public Sector team discuss important considerations for planning, implementing, operating, and securing a Zero Trust deployment. You'll also learn practical steps Public Sector IT teams can take to achieve your Zero Trust mandate more rapidly and with lower risk. This includes the vital role end-to-end visibility and frictionless collaboration between IT ops teams play across Zero Trust rollout phases.
  • The Cloud Security Trifecta: AWS + CrowdStrike + ExtraHop Recorded: Jul 21 2021 45 mins
    Patrick McDowell, Sr Partner SA, AWS; Dixon Styres, Solution Architect, CrowdStrike; John Smith, Principal Engineer, ExtraHop
    As enterprises expand their footprints in the cloud, their attack surface expands, and they often run into issues and friction that can weaken security and leave them vulnerable to advanced threats. This presentation will cover:
    - How rapidly evolving threat actors use novel, cloud-specific attack tactics to prey on companies that move critical workloads to the cloud
    - How to leverage the three primary data sources or tool types a cloud SOC needs in order to achieve complete security visibility: logs (SIEM), endpoint monitoring (EDR), and the network (NDR).
    - How to regain the advantage over attackers by leveling up your threat detection and response capabilities with tight integration between best-of-breed tools in these three classes.

    You’ll also get a quick demo highlighting how these 3 data sources come together to detect and investigate advanced threats in the cloud and stop breaches faster.
  • How A Healthcare Org Boosted Their Security with Network Detection & Response Recorded: Jul 8 2021 45 mins
    Josh Snow, Senior Sales Engineer, ExtraHop; Richard Stepanek, CIO, Central Oregon Radiology Associates
    This session will cover how Central Oregon Radiology Associates (CORA) used Network Detection & Response (NDR) to improve security posture and reduce costs while securing remote sites and medical IoT for over 8,000 physicians, hospitals, and clinics. The session will include actionable advice for reducing costs and improving operational efficiency. We'll cover several key areas, including how CORA:

    - Reduced security costs 30% and decreased IT monitoring spend by 75%
    - Supported a full organizational migration to Office365 while ensuring HIPAA compliance
    - Actionable advice for healthcare organizations to improve security outcomes through greater NetOps and SecOps collaboration
  • Making Visibility Definable and Measurable - A SANS Panel Discussion Recorded: Jun 28 2021 61 mins
    Chase Snyder, Sr Product Marketing Manager, ExtraHop; John Pescatore, Director of Emerging Trends, SANS
    Cybersecurity professionals consistently place visibility at the top of their recognized needs list. But the definition of security visibility covers a wide range, often lacking measurable elements that can help predict risk reduction if visibility is improved.

    On this webcast, SANS Research Director Barbra Filkins and SANS Director of Emerging Security Trends John Pescatore will discuss the SANS 2021 Visibility Report with sponsor representatives.
  • Breaking AD Trust Boundaries through Kerberos Vulnerabilities Recorded: Jun 11 2021 60 mins
    Dirk-jan Mollema, Core researcher of Active Directory and Azure AD Fox-IT // Jeff Deininger, Principal Cloud SE, ExtraHop
    In larger enterprise environments multiple Active Directory forests are often in use to separate different environments or parts of the business. To enable integration between the different environments, forest trusts are set up. The goal of this trust is to allow users from the other forest to authenticate while maintaining the security boundary that an Active Directory forest offers.
    In 2018, this boundary was broken through default delegation settings and Windows features with unintended consequences. In 2019 the security boundary was once again established through a set of changes in Active Directory. This research introduces a vulnerability in Kerberos and forest trusts that allows attackers to break the trust once again.
    The talk will provide technical details on how Kerberos works over forest trusts and how the security boundary is normally enforced. Then the talk will discuss a flaw in how AD forest trusts operate and how this can be combined with a vulnerability in the Windows implementation of Kerberos to take over systems in a different forest (from a compromised trusted forest).
    The talk will be accompanied by a proof-of-concept and a demonstration of abusing the vulnerability.
  • It Is Always DNS, SUNBURST Confirms Recorded: Jun 7 2021 61 mins
    Deb Radcliff, Cybersecurity Analyst and Author; Tanner Payne, Sr. Sales Engineer at ExtraHop
    Workforce DNS usage grew by 250% during the pandemic, making DNS a choice pathway for attackers to hide. SUNBURST, an advanced and sophisticated supply chain attack that exposed 18,000 unsuspecting companies, used innovative ways to exploit DNS. How can you ensure that your security stack will catch the next attack hiding in DNS?

    In this webcast, author and analyst Deb Radcliff sits down with ExtraHop network security expert Tanner Payne to discuss ExtraHop research insights and her recently published white paper, SolarWinds SUNBURST DNS Abuse Tactics. The talk will include DNS exploit detection demos and cover:
    - Novel ways SUNBURST exploited DNS.
    - How it used malicious DLLs that looked like they belonged to SolarWinds and encoded unique identifiers into the DNS queries to identify high-value targets.
    - Why traditional security missed it and why network detection and response (NDR) can catch the next one.
  • 3 Ways SecOps and NetOps Collaboration Saves Money & Stops Attackers Faster Recorded: Jun 3 2021 59 mins
    Chase Snyder, ExtraHop, JJ Thompson, Andrew Boyle, BAH; Brandon Dunlap, Moderator
    Call it NetSecOps, IT/Security Operations, SOC/NOC or SNOC. Whatever the name, better collaboration between security operations and network operations teams has enormous benefits for teams that follow through. Join ExtraHop and (ISC)2 on June 3, 2021 at 1:00 p.m. Eastern for a discussion on how this union can help with tool consolidation, improve incident response time and effectiveness and adapt to the cloud, remote work, and beyond.
  • Beyond DarkSide: How to Catch & Stop Next-Gen Ransomware Recorded: May 20 2021 52 mins
    Mark Bowling, VP of Security Response; Josh Snow, Sr. Sales Engineer; Mike Campfield, VP of International Sales
    The temporary shutdown of Colonial Pipeline––a critical pipeline providing nearly half of the gasoline supply for the East Coast of the United States––just over a week ago brought sophisticated ransomware bursting back into the spotlight. Panicked drivers hoarded gasoline as prices skyrocketed, and security teams were pummeled with the question: "What are you doing so this doesn't happen to us?"

    Join Mark Bowling, VP of Security Response at ExtraHop and 20-year veteran of the FBI cybercrimes division, Mike Campfield, and Josh Snow as they discuss:
    - Hallmarks of the DarkSide ransomware variant, including both exfiltration and encryption.
    - How to detect early indicators of compromise and respond before it gets out of control.
    - How industrial control systems and operational technology fit into the security landscape and what President Biden's announcement means for future attacks.
    - How to build a security posture that's both resistant and resilient to sophisticated ransomware operations and other advanced threats.

    Mark will also share lessons learned from his experience in the FBI and as a cybersecurity consultant on the best practices that set organizations apart when it comes to thwarting ransomware.
  • 3 Ways to Improve Your Cloud Security Recorded: May 19 2021 51 mins
    Ryan Davis, Sr. Cloud Product Marketing Manager at ExtraHop
    Cybersecurity has never been easy, and as enterprises expand their footprints in the cloud, they often run into issues and friction that can weaken security and leave them vulnerable to advanced threats. Cloud environments are highly dynamic, and many security tools struggle to match the scale and elasticity the cloud provides. Security teams need to regain the advantage over attackers, and network data offers an elegant solution to improving observability, threat detection, and response.

    In this webinar we’ll discuss 5 ways to think about cloud security from a network perspective:
    - Know your datasource
    + Flow logs vs packets
    + NDR vs Logs vs EDR
    - Investigate and hunt threats
    + Take advantage of the power of forensics
    - Detect and immediately respond to advanced threats

    You’ll also get a quick demo highlighting how these 3 key components of stronger security can be put into action in your cloud environment. Learn how the power of Network Detection and Response solutions can help you reclaim the upper hand in your cloud environments.
  • Making XDR Work In Your Enterprise Recorded: May 13 2021 61 mins
    Chase Snyder, ExtraHop // Dave Gruber, ESG
    Cybersecurity teams are working to extend detection and response technologies from the endpoint to many other parts of the enterprise IT environment, including the network, the cloud, and managed services. But how do these “XDR” technologies work in real operating environments? How do they tie together, and what are the challenges in implementing them? In this Dark Reading webinar, experts discuss the real-life implementation issues surrounding emerging detection and response technologies. You’ll learn how these emerging technologies can be integrated with your existing cybersecurity tools, and how XDR technology might affect your cybersecurity operations and processes.
Helping you gain the perspective to secure the hybrid enterprise
The prevention and protection model of cybersecurity isn’t working: between the cloud, IoT, and the sheer pace of change, the enterprise is no longer built to be walled in. This channel provides educational webinars to help SecOps (SOC) and NetOps (NOC) teams, from CIOs and CISOs to analysts and practitioners, change their perspective in order to identify, investigate, and respond to threats across the modern attack surface. We explore how cloud-native network detection and response (NDR) provides the complete visibility, real-time threat detection, and intelligent response you need to secure your hybrid environment. You’ll also find product information about ExtraHop Reveal(x) which enables you to: Eliminate blind spots: Cover 100% of your hybrid environment, Detect what matters: Find threats 95% faster, and Act quickly: Respond to breaches 70% faster.

Learn more at www.extrahop.com
