Brian Beyer

Opening the floodgates: analyzing endpoint security data

Red Canary wades through endpoint alerts to stop attacks.

Most security teams are flooded with alerts from their endpoint security products. Not only do 95 percent of alerts go uninvestigated because of time and resource constraints, but the most worrisome threats bypass prevention tools altogether. This technical deep-dive webinar covers:

  • Why it’s crucial to collect all endpoint activity and meet attackers where they are: at the endpoint
  • How Red Canary identifies malicious activity by applying data normalization, threat intelligence, behavioral analysis, and other techniques to better inform a hunting and response team
  • How to use alarm suppression as a secret weapon to enable a small team to process massive amounts of data daily
  • Layering crucial security measures like threat intelligence and incident response tools on top of the architecture to quickly stop attacks
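The normalization and alarm-suppression steps in the list above can be shown concretely. The Python below is an added illustration, not Red Canary's code or data: it maps two constructed sensor schemas ("sensor_a" and "sensor_b", both invented here) onto one process-event model, then applies suppression rules that are keyed on process name plus parent or hash (never on process name alone, so that a renamed or unsigned look-alike still reaches an analyst). Every event, hash and rule in the block is constructed for the example.

```python
"""Normalize endpoint process events from two constructed sensor formats and
apply suppression rules so only unexplained activity reaches an analyst.

Added example: the sensor schemas, rules, hashes and events are all
constructed for illustration and are not any vendor's real format or data.
"""
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional, Tuple


@dataclass(frozen=True)
class ProcessEvent:
    """Common model every sensor's raw event is mapped onto."""
    host: str
    process: str
    parent: str
    cmdline: str
    signed: bool
    sha256: str


def normalize(raw: Dict) -> ProcessEvent:
    """Map a raw event from one of two hypothetical sensor schemas onto ProcessEvent.

    Names and hashes are lower-cased and image paths reduced to the file name so
    that rules written once match events from either sensor.
    """
    if raw["source"] == "sensor_a":
        return ProcessEvent(
            host=raw["hostname"].lower(),
            process=raw["image"].rsplit("\\", 1)[-1].lower(),
            parent=raw["parent_image"].rsplit("\\", 1)[-1].lower(),
            cmdline=raw["command_line"],
            signed=raw["signature_status"] == "valid",
            sha256=raw["hashes"]["sha256"].lower(),
        )
    if raw["source"] == "sensor_b":
        proc = raw["proc"]
        return ProcessEvent(
            host=raw["device"]["name"].lower(),
            process=proc["name"].lower(),
            parent=proc["parent_name"].lower(),
            cmdline=proc["args"],
            signed=bool(proc.get("is_signed", False)),
            sha256=proc["sha256"].lower(),
        )
    raise ValueError(f"unknown source {raw['source']!r}")


@dataclass(frozen=True)
class SuppressionRule:
    """Suppress an event only when the process name AND every other set field match.

    A rule must carry a parent or a hash in addition to the process name, so a
    malicious binary that merely borrows a benign name is not suppressed.
    """
    name: str
    process: str
    parent: Optional[str] = None
    sha256: Optional[str] = None
    require_signed: bool = True

    def __post_init__(self) -> None:
        if self.parent is None and self.sha256 is None:
            raise ValueError(f"rule {self.name!r} needs a parent or a hash")

    def matches(self, ev: ProcessEvent) -> bool:
        if ev.process != self.process:
            return False
        if self.parent is not None and ev.parent != self.parent:
            return False
        if self.sha256 is not None and ev.sha256 != self.sha256:
            return False
        if self.require_signed and not ev.signed:
            return False
        return True


def triage(raw_events: Iterable[Dict], rules: List[SuppressionRule]
           ) -> Tuple[List[ProcessEvent], Dict[str, int]]:
    """Return (events that still need review, suppressed count per rule).

    First matching rule wins; the per-rule counts let the team audit whether a
    suppression is doing more work than expected.
    """
    review: List[ProcessEvent] = []
    counts: Dict[str, int] = {r.name: 0 for r in rules}
    for raw in raw_events:
        ev = normalize(raw)
        hit = next((r for r in rules if r.matches(ev)), None)
        if hit is None:
            review.append(ev)
        else:
            counts[hit.name] += 1
    return review, counts


# Constructed sample data: hashes are placeholders, not real file hashes.
KNOWN_UPDATER_SHA256 = "aa" * 32
OTHER_UPDATER_SHA256 = "bb" * 32

RULES = [
    SuppressionRule("svchost-under-services", "svchost.exe", parent="services.exe"),
    SuppressionRule("known-updater-build", "updater.exe", sha256=KNOWN_UPDATER_SHA256),
]

SAMPLE_EVENTS = [
    {"source": "sensor_a", "hostname": "WS01", "image": "C:\\Windows\\System32\\svchost.exe",
     "parent_image": "C:\\Windows\\System32\\services.exe", "command_line": "svchost.exe -k netsvcs",
     "signature_status": "valid", "hashes": {"sha256": "cc" * 32}},
    {"source": "sensor_b", "device": {"name": "ws02"},
     "proc": {"name": "powershell.exe", "parent_name": "explorer.exe",
              "args": "powershell.exe -nop", "is_signed": True, "sha256": "dd" * 32}},
    {"source": "sensor_a", "hostname": "WS03", "image": "C:\\Users\\u\\svchost.exe",
     "parent_image": "C:\\Program Files\\Office\\winword.exe", "command_line": "svchost.exe",
     "signature_status": "unsigned", "hashes": {"sha256": "ee" * 32}},
    {"source": "sensor_b", "device": {"name": "ws04"},
     "proc": {"name": "updater.exe", "parent_name": "explorer.exe",
              "args": "updater.exe /check", "is_signed": True, "sha256": KNOWN_UPDATER_SHA256}},
    {"source": "sensor_b", "device": {"name": "ws05"},
     "proc": {"name": "updater.exe", "parent_name": "cmd.exe",
              "args": "updater.exe /check", "is_signed": True, "sha256": OTHER_UPDATER_SHA256}},
]

if __name__ == "__main__":
    remaining, suppressed = triage(SAMPLE_EVENTS, RULES)
    for ev in remaining:
        print(f"REVIEW {ev.host}: {ev.parent} -> {ev.process} (signed={ev.signed})")
    print("suppressed per rule:", suppressed)
```

Of the five constructed events, two are suppressed (svchost under services, and the updater whose hash is on the allowlist); the other three reach the analyst, including the unsigned svchost look-alike spawned by a document editor and the updater with an unrecognized hash. The per-rule counts are worth keeping in production because a rule that suddenly suppresses far more than usual is itself a signal.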
 