Defense in Depth – Filling the Gaps to Detect and Stop Lateral Movement
Kevin Hiltpold, Sr Solutions Engineer | Attivo Networks
About this talk
When attackers evade the first line of network defense, secondary controls that fill in the gaps are crucial to detecting adversaries who break free to infiltrate the network. All attackers need is a single unwary user to click on a link in an email, and they can establish a beachhead in the network from which they can spread. With the SolarWinds breach, attackers have a back door into potentially thousands of networks. Typical security controls focus on detecting the initial compromise but seldom the lateral movement and privilege escalation activities that attackers spend most of their time executing. The Attivo Networks Endpoint Detection Net suite of products closes this gap by efficiently detecting such activities early in the attack cycle. Join this discussion to learn how security teams can:
- Detect an adversary who looks and acts like a member of the organization and is moving in operational blind spots
- Slow down the adversary with every piece of information they gather for lateral movement
- Deceive the adversary, turn the tables, and lower the Mean-Time-To-Detection (MTTD) from months to hours, or even less