The MITRE ATT&CK framework is quickly becoming a focal point in the security world — and for good reason. This framework provides a consistent, industry-wide standard on which you can assess the effectiveness of your security monitoring and alerting capabilities. In this webinar, we will zero in on using the MITRE ATT&CK framework to focus and prepare your threat detection capabilities.

Here are the 5 techniques we’ve selected, based off the tactic prevalence:

T1090 -- Connection Proxy
T1048 -- Service Execution
T1036 -- Exfiltration
T1189 -- Masquerading
T1035 -- Drive-by Compromise

We’ll explore each one of these techniques with you, highlighting how the attackers use them and how you can detect them. We will discuss which logs you need to be collecting, what audit policy needs to be enabled, and what you need to look for in those logs.

These 5 techniques each come from a different Tactic category in ATT&CK, and relate to different phases in an attack’s lifecycle. Mature threat detection and response requires that you have capabilities across the threat lifecycle, from initial access through command and control and into exfiltration.

Dan Kaiser and Brian Coulson from LogRhythm will demonstrate how to use each of these techniques with an actual SIEM. Brian and Dan are part of a large project at LogRhythm Labs in which they are aligning MITRE ATT&CK with their SIEM platform.

When coupled with a SIEM solution, the MITRE ATT&CK framework allows you to effectively test your security monitoring environment against attack techniques to validate that your technology and rules are truly working and alerting you to the right anomalous behavior.

In this webinar, you’ll learn:

1. How to incorporate ATT&CK to work in your environment
2. Building out practical, technical threat detection
3. How to use SIEM technology and logs for threat hunting

Time

19:00 - 20:00 hs GMT+1

Organizer

LogRhythm | The Security Intelligence Company