Detection and response
Joe Moles, Rick McElroy

Detecting post exploitation with EDR

 

Put the tools in place to detect attackers post-exploit.

The latest post-exploit kits provide hackers with everything they need to slip into a network and freely move around. Many of these attacks do not contain signatures and rely on behaviors capable of evading even advanced security tooling. Endpoint detection and response (EDR) is designed to find attackers after they have bypassed all of your other tooling.

Watch and learn:

  • Ways to detect common and advanced post-exploitation behaviors
  • Real-world examples of actual endpoint telemetry and process executions
  • How EDR detects this type of behavior and why other tools miss it