ATT&CK Deep Dive: Lateral Movement

Join Red Canary, Carbon Black, and MITRE ATT&CK™ for a deep dive into lateral movement detection.

This hands-on webinar will demonstrate how applying lateral movement detection tactics and techniques can help you find higher level actors in your environment and improve the efficacy of your security program.

Presenters include: Tony Lambert, Detection Engineer - Red Canary, John Wunder, Principal Cybersecurity Engineer - MITRE and Rick McElroy, Head of Security Strategy - Carbon Black
Recorded Jun 24 2019 71 mins
Presented by
Phil Hagen DFIR Strategist SANS Senior Instructor - Red Canary

  • Becoming a Leader: An Inside Look at a Level 4 Threat Hunting Program Recorded: Oct 17 2019 60 mins
    Casey Smith, Director of Applied Research, with Brian Baskin, Technical Director of Threat Research @ Carbon Black
    What is required to take your threat hunting program to the highest level of maturity? Using Red Canary as a case study, this session will provide a behind-the-scenes look at how to bring together MITRE ATT&CK™, CB Response, and Atomic Red Team to analyze massive amounts of data and quickly detect adversaries. This webinar also features David J. Bianco's threat hunting maturity model.

    Attendees will learn how to:

    - Automate the majority of successful data analysis procedures
    - Map adversary techniques to detection coverage
    - Test, validate, and continuously improve visibility
    - Make threat hunting a repeatable process that drives better security outcomes
  • Testing Visibility to Develop an Innovative Threat Hunting Program Recorded: Oct 3 2019 63 mins
    Joe Moles VP, Customer Sec Ops & Adam Mathis Security Practitioner @ Red Canary, Jimmy Astle Threat Researcher @ Carbon Black
    Do you have the visibility you need to hunt for adversary techniques? Increasing the quality and quantity of data analysis requires a robust set of tools, techniques, and practices. Learn how to use the MITRE ATT&CK™ framework, CB Response, and Atomic Red Team to hunt for adversary techniques and build functional tests to understand visibility.

    This hands-on technical session will demonstrate how to:

    - Hunt for frequently used ATT&CK techniques with CB Response
    - Measure and improve visibility with Atomic Red Team tests
    - Turn new intelligence into hunting criteria
    - Investigate data that can support a judgment call on whether activity is malicious or benign
  • Using the ATT&CK™ Framework to Mature Your Threat Hunting Program Recorded: Sep 19 2019 64 mins
    Phil Hagen, Red Canary. Rick McElroy, Carbon Black. John Wunder, MITRE.
    Every threat hunt starts with intelligence. As one of the industry’s most comprehensive knowledge bases for adversary behavior, ATT&CK provides a structure for hunters to build their hypotheses and search for threats.

    Join Carbon Black, Red Canary and MITRE for "Using the ATT&CK Framework to Mature Your Threat Hunting Program" to learn how to use ATT&CK to:

    - Increase the efficacy of your threat hunting program
    - Hunt for adversary tactics and techniques across the ATT&CK matrix
    - Develop a hypothesis and test it against known techniques
    - Obtain a broader set of evidence by hunting for adversarial techniques rather than specific signatures
  • Cognitions of a Cybercriminal: Get Visibility into Adversary Behavior Recorded: Aug 29 2019 60 mins
    Tom Kellermann, Chief Cybersecurity Officer, Carbon Black. Rick McElroy, Security Strategist, Carbon Black.
    With the rising volume of cyberattacks, and the increase in non-malware techniques, CISOs need to evolve their defenses. This means obtaining better visibility into cybercriminals and better visibility into their environment. The place to start is with a clear understanding of how today’s cybercriminals think as they execute a cyberattack on a targeted organization.

    This webinar is based on findings from Carbon Black’s behavioral data and provides CISOs with an added layer of information to enhance Kill Chain and ATT&CK strategies for threat hunting.

    Register for this webinar to gain:

    - An understanding of how cybercrime has evolved in the past 2 years.
    - Profiles and motivations of today’s cybercriminals.
    - A breakdown of cybercriminal behavior presented in 3 clear phases.
    - Data and analogies to help you explain the threat to executives.
    - Specific actions to take to reevaluate your security posture accordingly.
  • Gray Day: How I Caught the Most Damaging Spy in American History Recorded: Jul 8 2019 60 mins
    Eric O'Neill, National Security Strategist - Carbon Black
    Imagine if the FBI locked you in a room for eight hours a day with the most ruthless and damaging spy in United States history. Imagine feeling unqualified and outgunned, knowing the country depends on you to succeed despite the fact no one has provided the means to do so. Robert Hanssen was a notorious cyber spy charged with selling American secrets to Russia for more than US$1.4 million in cash and diamonds.

    His ability to exploit computer systems allowed him to protect his identity during a 22-year spy career. In this edge-of-the-seat spy thriller talk, Eric O’Neill shares intricate details of the investigation and shows how you can find success inside yourself by setting small goals that lead to big accomplishments until finally, through courage, confidence, and determination, victory is achieved.

    Join us for a webinar highlighting Eric's story and more.
  • How to Protect Your End-of-Life Operating Systems Recorded: May 21 2019 52 mins
    Jason Madey, Security Strategist at Carbon Black
    Threats such as WannaCry and Petya/NotPetya have demonstrated that hackers are more familiar with the vulnerabilities of your unsupported systems than you are. When new patches are released for new systems, attackers easily reverse engineer the update and quickly find all the weaknesses in your end-of-life (EOL) systems. Traditional security solutions are powerless in detecting and preventing advanced attacks and unknown threats.

    Join us as we examine the challenges posed to your EOL OS and share best practices for protecting your systems.

    You'll come away from the webinar with:
    - A better understanding of the challenges presented by your EOL OS.
    - Insights from other organizations that face your same challenges.
    - An action plan for how application control helps you meet (or overcome) these challenges.
  • 10 SMB Endpoint Problems Solved By the Cloud Recorded: May 7 2019 43 mins
    Molly Conway, Senior Product Marketing Manager at Carbon Black & Bill Bocash, IT Manager at Stonewall Kitchen
    Are you struggling to keep your endpoint security up to date? You’re not alone. Small to mid-sized companies have fewer resources, yet have the same risk of attack as larger companies. And that risk is only increasing. In 2017, the number of ransomware attacks increased by 30x and the number of breaches increased by 40%.

    Good news! Smaller companies can protect themselves just as well as large enterprises thanks to cloud-based endpoint security.

    Join us for a live webinar to discuss how next-generation endpoint security in the cloud solved the most common challenges SMBs are facing.

    You will learn:
    - The 10 most common security problems facing small to mid-sized companies
    - How cloud-based endpoint security addresses those problems
    - The benefits of replacing traditional antivirus with a cloud-based security platform
  • 6 Easy Steps to Successful Application Control Deployment Recorded: Feb 12 2019 40 mins
    Stacia Tympanick, Security Strategist at Carbon Black
    In today’s rapidly evolving threat landscape, many enterprises are seeking proactive approaches to organizational security. According to Gartner, “Application control remains one of the best techniques for blocking the vast majority of malware threats; however, implementation often falters due to poor planning.”

    Join Stacia Tympanick, Field Solutions Engineer with Carbon Black, as she addresses key challenges experienced during the implementation of application control solutions, and shares six strategies and best practices for success.

    You’ll come away from the webinar with:
    - A better understanding of the current threat landscape
    - Insights from other organizations that face similar security challenges
    - An action plan utilizing best practices for effective application control deployment
  • How to Prevent Threats that Traditional Antivirus Misses Recorded: Jan 28 2019 47 mins
    Scott Major, Strategic Account Manager, Carbon Black & Mark Sangster, VP of Strategic Marketing, eSentire
    With the shift beyond malware, cyberattacks are becoming increasingly difficult to detect. Attackers are constantly learning, updating, and evolving, and it’s critical you stay ahead of them in order to keep your organization safe. More often than not, legacy antivirus just isn’t getting the job done.

    Join us for a live discussion with security experts from Carbon Black and eSentire, the largest pure-play Managed Detection and Response (MDR) provider that protects high-risk assets from advanced cyber threats, as eSentire shares the results of its recent Quarterly Threat Report, which provides a snapshot of the latest tactics cybercriminals are using.

    You will learn:

    - What the most common types of threats are and which industries are most vulnerable
    - Why traditional AV is failing to detect these attacks
    - How Cb Defense and eSentire MDR can help you prevent advanced threats and identify threats in minutes, not months
  • Finding Your SecOps Solution: Products For Real-Time Query and Remediation Recorded: Jan 14 2019 48 mins
    Michael Osterman, President at Osterman Research
    Real-time query and response solutions are revolutionizing cyber security by enabling Security and IT Operations teams to work together, speeding up analysis and response times and reducing risk in their organizations. While these SecOps products deliver a wide range of benefits, it can be difficult for your team to prioritize one set of functionality over another in this ever-evolving endpoint security landscape.

    During this live webinar, Michael Osterman, President at Osterman Research, will provide his expert opinion on how to evaluate real-time, next-gen SecOps solutions so that you can find the right one for your organization.

    You will learn:

    - The benefits a strong SecOps strategy can provide
    - What to consider when evaluating real-time SecOps products
    - How to compare SecOps solutions to find the one that is the best fit for your team
    - How Cb LiveOps enables teams to better understand the current state of endpoints in their environment
  • The Future of Threat Hunting & Incident Response Recorded: Jan 3 2019 58 mins
    Justin Falck, Senior Product Manager & Gun Akkor, Director of Technical Product Management
    As the pioneer in the endpoint detection and response market, year after year Carbon Black has continued to innovate and deliver mission-critical incident response and threat hunting capabilities to advanced security operations teams worldwide. Join us for a look back at where we’ve been, what we’re doing, and what the future holds for Cb Response and our latest offering on the Cb Predictive Security Cloud, Cb ThreatHunter.
Transforming security with big data and analytics
Carbon Black (NASDAQ: CBLK) is a leading provider of next-generation endpoint security serving more than 4,300 customers globally, including 35 of the Fortune 100. The company’s diverse customer base includes global leaders in internet search, social media, transportation, and hospitality, as well as leaders across finance, manufacturing, retail, and government.

Carbon Black combines unfiltered data collection, predictive analytics, and cloud-based delivery to provide superior endpoint protection that puts defenders back in control.

  • Title: ATT&CK Deep Dive: Lateral Movement
  • Live at: Jun 24 2019 4:00 am
  • Presented by: Phil Hagen DFIR Strategist SANS Senior Instructor - Red Canary