A ransomware group hiring insiders... A disgruntled system administrator... and a simple, yet undetectable payload, set the stage for a scenario every CISO fears: a motivated and capable insider threat. Edward Vilinsider is a system administrator for a large managed service provider who is approached by a ransomware group with a tantalizing offer: exploit a common vulnerability, plant the payload, and collect a cool $500,000. This simple payload will enable covert access to the organization allowing the ransomware operators to carry out their objective. It is also nearly undetectable. Nearly.
Starring Skyler Curtis (Cyborg Security) and Richard "Chit" Chitamitre (Corelight) as our threat hunters, this adventure begins with a single case of suspicious activity that turns out to be far more than it seems. The team races against the clock to hunt for the source, showing tricks of the trade and treating hunters of all skill levels to behavioral threat hunting techniques and practical strategies along the way. This webinar will demonstrate how threat hunting with EDR and NDR combined allows organizations to find what traditional security controls keep missing. It is guaranteed to terrify CISOs everywhere because... the callback is coming from inside the house!
This bone-chilling webinar will cover:
Use of realistic and terrifying exploits and offensive security tools to simulate adversary TTPs, and how organizations are able to hunt for them.
A practical threat hunting session demonstrating true behavioral hunting that walks participants through not only how the attack was carried out, but also how they can hunt for this insidious behavior in their own environments.
The vital role that visibility plays in threat hunting, and how combining network and endpoint telemetry can help shine a light on this evil activity.
Software Engineer and Security Researcher at Cyborg Security
Federal Sales Engineer at Corelight, Inc
Richard Chitamitre is a technology evangelist at Corelight. Prior to that he worked as a Senior Security Analyst at Edward Jones and before that spent over a decade serving in the U.S. Navy across a number of cybersecurity roles, including work on the NSA’s Tailored Access Operations team and Navy CMT. For more information about Corelight please visit: https://corelight.com/.