Name: Testing Visibility to Develop an Innovative Threat Hunting Program
Start: 2019-10-03T03:00:00Z
End: 2019-10-03T04:03:00.000Z
Location: BrightTALK
Rating: 0

VMware Carbon Black is a leader in cloud-native endpoint protection dedicated to keeping the world safe from cyberattacks. The VMware Carbon Black Cloud consolidates endpoint protection and IT operations into an endpoint protection platform (EPP) that prevents advanced threats, provides actionable insight and enables businesses of all sizes to simplify operations.

Carbon Black combines unfiltered data collection, predictive analytics, and cloud-based delivery to provide superior endpoint protection that puts defenders back in control.

What is required to take your threat hunting program to the highest level of maturity? Using Red Canary as a case study, this session will provide a behind-the-scenes look at how to bring together MITRE ATT&CK™, CB Response, and Atomic Red Team to analyze massive amounts of data and quickly detect adversaries. This webinar also features David J. Bianco's threat hunting maturity model.

Attendees will learn how to:

- Automate the majority of successful data analysis procedure
- Map adversary techniques to detection coverage
- Test, validate, and continuously improve visibility
- Make threat hunting a repeatable process that drives better security outcomes

Becoming a Leader: An Inside Look at a Level 4 Threat Hunting Program

Every threat hunt starts with intelligence. As one of the industry’s most comprehensive knowledge bases for adversary behavior, ATT&CK provides a structure for hunters to build their hypotheses and search for threats.

Join Carbon Black, Red Canary and MITRE for "Using the ATT&CK Framework to Mature Your Threat Hunting Program" to learn how to use ATT&CK to:

- Increase the efficacy of your threat hunting program
- Hunt for adversary tactics and techniques across the ATT&CK matrix
- Develop a hypothesis and test it against known techniques
- Obtain a broader set of evidence by hunting for adversarial techniques rather than specific signatures

Using the ATT&CK™ Framework to Mature Your Threat Hunting Program

With the rising volume of cyberattacks, and the increase in non-malware techniques, CISOs need to evolve their defenses. This means obtaining better visibility into cybercriminal and better visibility into their environment. The place to start is with a clear understanding of how today’s cybercriminals think as they execute a cyberattack on a targeted organization.

This webinar is based on findings from Carbon Black’s behavioral data and provides CISOs with an added layer of information to enhance Kill Chain and ATT&CK strategies for threat hunting.

Register for this webinar to gain:

- An understanding of how cybercrime has evolved in the past 2 years.
- Profiles and motivations of today’s cybercriminals.
- A breakdown of cybercriminal behavior presented in 3 clear phases.
- Data and analogies to help you explain the threat to executives.
- Specific actions to take to accordingly reevaluate your security posture.

Cognitions of a Cybercriminal: Get Visibility into Adversary Behavior

Imagine if the FBI locked you in a room for eight hours a day with the most ruthless and damaging spy in United States history. Imagine feeling unqualified and outgunned, knowing the country depends on you to succeed despite the fact no one has provided the means to do so. Robert Hanssen was a notorious cyber spy charged with selling American secrets to Russia for more than US$1.4 million in cash and diamonds.

His ability to exploit computer systems allowed him to protect his identity during a 22-year spy career. In this edge-of-the-seat spy thriller talk, Eric O’Neill shares intricate details of the investigation and shows how you can find success inside yourself by setting small goals that lead to big accomplishments until finally, through courage, confidence, and determination, victory is achieved.

Join us for a webinar highlighting Eric's story and more.

Gray Day: How I Caught the Most Damaging Spy in American History

Join Red Canary, Carbon Black, and MITRE ATT&CK™ for a deep dive into lateral movement detection.

This hands-on webinar will demonstrate how applying lateral movement detection tactics and techniques can help you find higher level actors in your environment and improve the efficacy of your security program.

Presenters include: Tony Lambert, Detection Engineer - Red Canary, John Wunder, Principle Cybersecurity Engineer - MITRE and Rick McElroy, Head of Security Strategy - Carbon Black

ATT&CK Deep Dive: Lateral Movement

Threats such as WannaCry and Petya/NotPetya have demonstrated that hackers are more familiar with the vulnerabilities of your unsupported systems than you are. When new patches are released for new systems, attackers easily reverse engineer the update and quickly find all the weaknesses in your end-of-life (EOL) systems. Traditional security solutions are powerless in detecting and preventing advanced attacks and unknown threats.

Join us as we examine the challenges posed to your EOL OS and share best practices for protecting your systems.

You'll come away from the webinar with:
- A better understanding of the challenges presented by your EOL OS.
- Insights from other organizations that face your same challenges.
- An action plan for how application control helps you meet (or overcome) these challenges.

How to Protect Your End-of-Life Operating Systems

Are you struggling to keep your endpoint security up to date? You’re not alone. Small to mid-sized companies have less resources — yet have the same risk of attack as larger companies. And that risk is only increasing. In 2017, the number of ransomware attacks increased by 30x and the number of breaches increased by 40%.

Good news! Smaller companies can protect themselves just as well as large enterprises thanks to cloud-based endpoint security.

Join us for a live webinar to discuss how next-generation endpoint security in the cloud solved the most common challenges SMBs are facing.

You will learn:
- The 10 most common security problems facing small to mid-sized companies
- How cloud-based endpoint security addresses those problems
- The benefits of replacing traditional antivirus with a cloud-based security platform

10 SMB Endpoint Problems Solved By the Cloud

In today’s rapidly evolving threat landscape, many enterprises are seeking proactive approaches to organizational security. According to Gartner, “Application control remains one of the best techniques for blocking the vast majority of malware threats; however, implementation often falters due to poor planning.”

Join Stacia Tympanick, Field Solutions Engineer with Carbon Black, as she addresses key challenges experienced during the implementation of application control solutions, and shares six strategies and best practices for success.

You’ll come away from the webinar with:
- A better understanding of the current threat landscape 
- Insights from other organizations that face similar security challenges
- An action plan utilizing best practices for effective application control deployment

6 Easy Steps to Successful Application Control Deployment

With the shift beyond malware, cyberattacks are becoming increasingly difficult to detect. Attackers are constantly learning, updating, and evolving, and it’s critical you stay ahead of them in order to keep your organization safe. More often than not, legacy antivirus just isn’t getting the job done.

Join us for a live discussion with security experts from Carbon Black and eSentire, the largest pure-play Managed Detection and Response (MDR) provider that protects high-risk assets from advanced cyber threats, as eSentire shares the results of its recent Quarterly Threat Report, which provides a snapshot of the latest tactics cybercriminals are using.  

You will learn:

- What the most common types of threats are and which industries are most vulnerable
- Why traditional AV is failing to detect these attacks
- How Cb Defense and eSentire MDR can help you prevent advanced threats and identify threats in minutes, not months

How to Prevent Threats that Traditional Antivirus Misses

Real-time query and response solutions are revolutionizing cyber security by enabling Security and IT Operations teams to work together, speeding up analysis and response times and reducing risk in their organizations. While these SecOps products deliver a wide range of benefits, it can be difficult for your team to prioritize one set of functionality over another in this ever-evolving endpoint security landscape.

During this live webinar, Michael Osterman, President at Osterman Research, will provide his expert opinion on how to evaluate real-time, next-gen SecOps solutions so that you can find the right one for your organization.

You will learn:

- The benefits a strong SecOps strategy can provide
- What to consider when evaluating real-time SecOps products
- How to compare SecOps solutions to find the one that is best fit for your team
- How Cb LiveOps enables teams to better understand current state of endpoints in their environment

Finding Your SecOps Solution: Products For Real-Time Query and Remediation

As the pioneer in the endpoint detection and response market, year after year Carbon Black has continued to innovate and deliver mission-critical incident response and threat hunting capabilities to advanced security operations teams worldwide. Join us for a look back at where we’ve been, what we’re doing, and what the future holds for Cb Response and our latest offering on to the Cb Predictive Security Cloud, Cb ThreatHunter.

The Future of Threat Hunting & Incident Response

Do you have the visibility you need to hunt for adversary techniques? Increasing the quality and quantity of data analysis requires a robust set of tools, techniques, and practices. Learn how to use the MITRE ATT&CK™ framework, CB Response, and Atomic Red Team to hunt for adversary techniques and build functional tests to understand visibility.

This hands-on technical session will demonstrate how to:

- Hunt for frequently used ATT&CK techniques with CB Response
- Measure and improve visibility with Atomic Red Team tests
- Turn new intelligence into hunting criteria
- Investigate data that can support a judgment call on whether activity is malicious or benign

Testing Visibility to Develop an Innovative Threat Hunting Program

Defense In Depth

Cyber Defence

Incident Response

Security Operations

Threat Detection

Threat hunting

Security Analysis

Hackers

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

Practicing business intelligence allows your company to transform raw data into sets of insights for targeted business growth. The business intelligence and analytics community on BrightTALK is made up of thousands of data scientists, database administrators, business analysts and other data professionals. Find relevant webinars and videos on business analytics, business intelligence, data analysis and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Business Intelligence and Analytics

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Testing Visibility to Develop an Innovative Threat Hunting Program

Presented by

About this talk

More from this channel