
Advanced Threat Hunting - Bit9

This article was originally published on Technology.Info.
As part of our continuing strategy for growth, ITProPortal has joined forces with Technology.Info to help us bring you the very best coverage we possibly can.

Viewer Takeaways

  • Get insight into what happens once an attacker gains access
  • Learn how to improve threat detection
  • Understand how to reduce discovery time during a response
  • Walk away with ideas for improving your security engineering

Keeping the bad guys out is a hard problem -- finding them once they're in can be even harder. The difficulty increases further when determined adversaries gain valid credentials and immediately become insiders. Once insiders, they can add accounts, move laterally, hide in the noise, and accomplish their goals by using built-in tools and executables. To put it another way, attackers are becoming "outsider-insiders". So how do you even begin defending yourself against this, and how can you have some resiliency? We'll discuss the threat landscape, the trend of attackers "living off the land", and how you can start hunting these threats to reduce the scope of your incidents. We'll also explore some of their tactics, and some of the ways data and relationships can help you detect and discover these threats more quickly and effectively.
