2020 Threat Detection Report First Look
Our latest webinar is a guided tour of the 2020 Threat Detection Report, an in-depth look at the most prevalent ATT&CK techniques across our customers’ environments. The authors of the report, along with moderator Katie Nickels, break down the methodology behind the report’s findings and offer exclusive advice on detection strategies, including how to weed out false positives. This webinar features specific use cases for security leaders, analysts, engineers, and anyone else invested in staying ahead of next year’s threats.
How to Test Your Security Controls Using Atomic Red Team
In this 45-minute training session, Casey Smith and Michael Haag deliver a primer on Atomic Red Team, Red Canary’s open source framework for testing detection coverage, validating assumptions about your security controls, and learning what malicious looks like in your environment. In a series of demos, Casey and Michael execute single tests, chain multiple tests together, and show how security teams can measure the progress and impact of those tests. After watching this training session, viewers will be able to test their detection coverage with more than 500 tests that map to nearly 160 MITRE ATT&CK techniques.
Privilege Escalation: How Attackers Level Up
Four rockstar ladies of infosec demystify how attackers elevate access in this technical deep dive. Experts from Red Canary, MITRE ATT&CK, and Carbon Black weigh in on how privilege escalation looks on various operating systems and what you should collect to detect it. This webinar features illustrative examples of privilege escalation in action, including the rise of the Shlayer malware and the NotPetya outbreak in 2018.
Lateral Movement series
In this two-part webinar series, we teamed up with our friends from MITRE, Carbon Black, and Kroll to discuss strategies for detecting and responding to laterally moving threats. In part one, an endpoint detection and response expert from Carbon Black joins our own detection engineer as we discuss how lateral movement materializes in endpoint telemetry and how security teams can develop behavioral analytics to reliably detect laterally moving threats. In part two, an incident response specialist from Kroll joins a member of Red Canary’s incident handling team to discuss how organizations can mitigate lateral movement in their environments.
Threat Hunting with ATT&CK series
This three-part webinar on threat hunting features experts from First Bank, MITRE, and Carbon Black. In the first part of the series, our panel discusses how security teams can use the ATT&CK framework to develop a threat hunting program. Part two looks at how security teams can test their visibility with tools like Atomic Red Team to continue pushing the limits of threat hunting. Finally, in part three, we take an inside look at what an advanced threat hunting program looks like in practice.