Brian Beyer

Opening the floodgates: analyzing endpoint security data


Red Canary wades through endpoint alerts to stop attacks.

Most security teams are flooded with alerts from their endpoint security products. Not only are 95 percent of alerts not investigated due to time and resource constraints, but the most worrisome threats bypass prevention tools altogether. This technical deep-dive webinar covers:

  • Why it’s crucial to collect all endpoint activity and meet attackers where they are: at the endpoint
  • How Red Canary identifies malicious activity by applying data normalization, threat intelligence, behavioral analysis, and other techniques to better inform a hunting and response team
  • How to use alarm suppression as a secret weapon to enable a small team to process massive amounts of data daily
  • Layering crucial security measures like threat intelligence and incident response tools on top of the architecture to quickly stop attacks