3 Challenges of Using EDR for Threat Hunting [2/3 Threat Hunting Series]

Presented by

Chris Gerritz, Founder of Infocyte; Rohit Dhamankar, VP of Product at Infocyte

About this talk

In part 2 of our myth-busting webinar series, threat hunters from Infocyte will discuss how to scalably and proactively hunt for unknown threats across the entire enterprise network with an approach called Forensic State Analysis (FSA). We will compare FSA against three of the traditional methods of threat hunting that you may have been told are the “only” ways to perform threat hunting.

We will look at the pitfalls of relying on Endpoint Detection and Response (EDR) software as a substitute for proactive threat hunting, and examine some of the common misconceptions. We will also show how FSA arms security practitioners with an effective and efficient methodology to hunt without relying solely on sophisticated security infrastructure, big data or experts.

In EDR vs FSA, you will learn about:

- The use cases for traditional Endpoint Detection
- The challenges of using real-time detection tools to find hidden threats
- How to hunt at scale and simplify the threat hunting process using FSA

About the presenters:

Chris Gerritz, the Founder of Infocyte, is a pioneer in defensive cyberspace operations, having built the U.S. Air Force's first interactive Defensive Counter Cyberspace (DCC) practice. Infocyte is the result of Chris’ experience hunting adversaries within some of the largest and most targeted defense networks in the world. His experience provides him with an unmatched level of operational expertise and equips him with a highly refined perspective on how to tackle today's security threats.

Rohit Dhamankar is VP of Product at Infocyte, and is responsible for defining the company's product and strategy. Dhamankar brings more than 15 years of security industry experience across product management, threat research, technical sales and customer solutions.
