Multi-Signal Defense Kill Chain: Strengthening Combat Capabilities in Intrusions

Presented by

Keegan Keplinger, Research and Reporting Lead, eSentire; Brandon Dunlap, Moderator

About this talk

Cybersecurity teams are fighting a losing battle trying to keep up with complex business requirements and the expanding attack surface. Although traditional security controls and MSSPs (managed security service providers) were once effective, they are no match for the growing speed and sophistication of modern threats. Unfortunately, you can’t protect your organization from cyber threats if you don’t have complete visibility across your attack surface. Even if your team utilizes a global threat hunting and threat intelligence team, they must be armed with data correlation and contextualization capabilities across multiple signals (e.g., endpoint, log, network, cloud) to effectively contain and remediate advanced persistent threats.

Join eSentire and (ISC)² May 19, 2022 at 1:00 p.m., Eastern/10:00 a.m. Pacific to hear how threat intelligence teams can use data from multiple signal sources for enhanced threat detection, investigation, and response.

Learn more about:

• What multi-signal data correlation and contextualization means in the context of threat intelligence and threat hunting
• Mapping tactics and techniques threat actors use to fulfill their objectives back to each phase of the overall attack workflow
• Deep dive into how eSentire’s Threat Response Unit (TRU) used data from log, endpoint, and network to build detection content for threats like Log4j and Cobalt Strike
• How threat intelligence teams can adopt a multi-signal approach to enrich their detection engineering content

eSentire, Inc., the Authority in Managed Detection and Response (MDR), protects the critical data and applications of 2000+ organizations in 80+ countries, across 35 industries from known and unknown cyber threats by providing Exposure Management, Managed Detection and Response and Incident Response services designed to build an organization’s cyber resilience & prevent business disruption. Founded in 2001, eSentire protects the world’s most targeted organizations with 65% of its global base recognized as critical infrastructure, vital to economic health and stability. By combining open XDR platform technology, 24/7 threat hunting, and proven security operations leadership, eSentire's award-winning MDR services and team of experts help organizations anticipate, withstand and recover from cyberattacks. For more information, visit www.esentire.com and follow @eSentire