How a Managed EDR Analyst Hunts, Investigates, and Remediates an Incident
Demo Video (8 mins)
In this demo, a Symantec Managed Endpoint Detection and Response (MEDR) analyst walks through an end-to-end example of how he:
- Creates an automated investigation playbook and hunts for a threat
- Investigates suspicious detections from the managed threat hunt
- Remediates the incident to quickly stop the spread of the attack, and
- Shares what is communicated to the customer within the incident assessment summary.
To learn more visit: https://go.symantec.com/MEDR
Recorded Aug 2 2019, 9 mins
Roi Abitboul, VP Engineering, Symantec | Itzik Menashe, VP of IT & Information Security; Telit | Dave Gruber, Sr Analyst, ESG
As attackers and attacks become more sophisticated, organizations require their endpoint security to keep up. IT security teams are choosing to deploy attack surface reduction, advanced prevention, and endpoint detection & response as necessary layers for complete security.
Join the webinar to learn:
• The latest trends driving the need for a more comprehensive endpoint security approach.
• How Telit is effectively protecting its endpoints.
• Symantec’s approach in its new complete endpoint security solution:
- Attack surface reduction to harden endpoints against exploits and zero-day threats
- New innovations in delivering best-in-class prevention
- Advanced detection and response with tight integrations to help customers quickly identify attackers for better and faster remediation
- Streamlined management and automation to reduce significant burden on already-strapped security professionals and IT teams
Bruce Ong (Director of Product Management, Symantec), Linda Park (Senior Manager of Information Protection, Symantec)
Industry analysts recommend that security and risk management teams use data-centric audit and protection (DCAP) products to reduce insider-threat and compliance risks to critical data. Watch this technical webinar to learn how to implement a DCAP strategy and enforce data security controls consistently across unstructured data silos with Symantec Data Loss Prevention Data Access Governance.
Join us for a customer dialog to learn about the latest Symantec Endpoint Protection (SEP) Mobile features and ask any product-related questions.
You will learn about:
Unwanted app rules based on Appthority insights
User risk: breached accounts
Mobile EDR: Investigating suspicious iOS modules
Management Console localization
SOC 2 Type 2 compliance
Environment navigation and management
Symantec Mobile App Defense (B2B2C SDK)
A new health warning for devices missing a mandatory permission
MDM integrations: iOS app inventory sync visibility
SEP Mobile and Microsoft Defender ATP
Bruce Ong, Director of Product Management, Symantec, Ryan Stolte, ICA Chief Technical Architect, Bay Dynamics
Preventing malicious insiders from wreaking havoc and stealing sensitive data is extremely challenging, as today’s security teams and SOC operators must analyze huge volumes of data to isolate threats. Further, even when risks are uncovered, in-depth investigation must encompass numerous security systems and data streams to determine how these activities can be stopped.
In this webinar, you’ll learn how Symantec Information Centric Analytics automates threat hunting and speeds remediation, pinpointing problematic behaviours and informing response.
Threat Risk Levels are one of the newest ways to help combat malicious websites, but there’s still a set of websites that are suspicious and we don’t have enough information to call them bad or good. Web Isolation fills a gap, providing safe browsing of suspicious websites, with zero risk of malicious code infecting the user’s computer. Learn about Web Isolation (WI) and how to use WI with Threat Risk Levels in this upcoming webinar.
Gartner security industry analysts recommend the establishment of a Cloud Center of Excellence (CCoE) within every organization, represented by a cross-functional team of people responsible for developing and leading cloud strategy, governance, and best practices.
In an era where most network traffic is SSL/TLS encrypted, organizations need solutions to find encrypted threats without compromising their overall security posture. Unfortunately, some TLS interception solutions will introduce security risk in order to gain visibility. This technical webinar will teach you how the Symantec SSL Visibility Appliance can help you expose TLS encrypted threats, improve your security posture, and maximize the value of your network security investments.
On 29 March 2019, we further extended the capabilities of Symantec Email Security.cloud. As a SaaS security service, it undergoes many upgrades throughout the year, allowing us to make improvements and add new capabilities. We have always understood the importance of ensuring our products are designed around the user’s needs. This is critical as our customers rely on Symantec to provide a highly practical solution.
In this webinar, we’ll do a deep dive into some of the recent enhancements of our Email Security.cloud solution:
Indicators of Compromise Blacklisting
Service Configuration Health
Symantec Email Security.cloud App for QRadar
And more
Millions of new URLs are created every day. Traditional URL filtering using categorization can’t keep up with the websites that may only exist for 24 hours or less. Learn how new AI engines in the Global Intelligence Network take website metadata and generate a threat risk level for every new URL, giving you crucial information for policy decisions on web access. Learn about Threat Risk Levels in this upcoming webinar.
Daniel Frey (Sr. Manager, Prod Marketing) and Anand Visvanathan (Dir. Prod Management)
Misconfigurations of cloud services can lead to gaping holes in your cloud environment and present low-hanging fruit for attackers. Cloud users need a proactive, automated approach to monitoring and securing the cloud control plane.
In this webinar, you’ll learn how, as a user, you can tackle the most pressing problems that face some companies during their cloud journey:
• Configuration Errors: Monitor changes happening to cloud services in real-time and maintain your “gold standard” security posture.
• Painstaking Triage: Automate the remediation process to handle any security issues for both inline as well as offline workflows.
Join us for a periodical customer dialog to learn about the latest Symantec Endpoint Protection (SEP) Mobile features and ask any product-related questions.
You will learn about:
Detection and protection against untrusted DNS server
Content manipulation classification
Mobile security headlines and newsletter
SEP Mobile on the Symantec Help Center
Intune: support complex deployment needs
AirWatch: support encrypted end-user email addresses
Kevin Haley, Director Product Management, Security Technology & Response, Symantec
As ransomware shows early signs of decline, new forms of attack emerge to take its place. Stealthy techniques allow attackers to fly under the radar, placing enterprises at increasing risk.
Join us as we discuss these trends and more:
- Formjacking was the breakthrough threat of 2018, as cryptojacking and ransomware show signs of decline. However, enterprises continue to face the problem of targeted ransomware.
- Living off the land and supply chain attacks are now a staple of the new threat landscape.
- Cloud users facing challenges on multiple fronts through data leaks from cloud storage and low-level chip vulnerabilities.
- Targeted attack groups show increasing interest in operational targets; greater number of groups adopting destructive malware.
Colin Gibbens (Dir Prod Mgmt, Enterprise Security Products) and Don Leatham (Sr Manager, Global Strategic Alliances)
Cyber attackers are using sophisticated automation tactics to quickly find and exploit weaknesses in organizational defenses. Normal response tactics fail to mitigate or stop these “machine speed” attacks. The information necessary to address these attacks is often in different security tools, none of which are easily connected and coordinated.
In this webinar, you will learn how Symantec and Splunk products address this problem by working together to automate a complete, closed-loop security system.
Anant Krishna Vadlamani, Brian Westnedge, Steve Whittle
In this webinar, we’ll go in depth on Symantec Email Fraud Protection, a new automated DMARC enforcement solution that provides another layer of defence to eliminate the single biggest phishing attack vector: exact-domain impersonation.
Join us for a periodical customer dialog to learn about the latest Symantec Endpoint Protection (SEP) Mobile features and ask any product-related questions.
You will learn about:
SEP Mobile EU datacenter
Unwanted Network Content policies
Appthority integration and access
WSS integration for iOS
Custom security alerts
Simple Android Enterprise & AirWatch 'Personal' profile enrollment
Emulated devices visibility and enforcement policies
And more...
Join us for a monthly customer dialog to learn about the latest Symantec Endpoint Protection (SEP) Mobile features and ask any product-related questions.
You will learn about:
A new on-device protection action against malicious URLs
Trusted enterprise developer certificates
Risky hosts file detection
Auto-login on unmanaged iOS devices
SEP Mobile apps localization
Download risky APKs directly from the Management Console
Compliance policy based on app classification
Marking Android apps as unwanted based on the actual device state
Support for Android work profile devices
And more...
Jimmy Lin, Sr Product Manager & Sarah Happé, Dir. Client Engagement
In this webinar, we’ll explore the Policy Based Encryptions service – highlighting how it works, how to trigger a policy, and the user experience. We’ll also cover advanced features and industry best practices to equip you with the tools needed to protect your organization.
Symantec Technical Webinars connect you with leading product experts, to keep you informed on the latest product features and enhancements, and to equip you with field tested best practices on how to configure and maintain your products and to make the most of your Symantec solutions.