Resources Webinars
Detection and response
Joe Moles Rick McElroy

Detecting post exploitation with EDR


Put the tools in place to detect attackers post-exploit.

The latest post-exploit kits provide hackers with everything they need to slip into a network and freely move around. Many of these attacks do not contain signatures and rely on behaviors capable of evading even advanced security tooling. Endpoint detection and response (EDR) is designed to find attackers after they have bypassed all of your other tooling.

Watch and learn:

  • Ways to detect common and advanced post exploitation behaviors
  • Real-world examples of actual endpoint telemetry and process executions
  • How EDR detects this type of behavior and why other tools miss it
Run Atomic Red Team tests with Microsoft Defender for Endpoint
Test your visibility into the top 10 ATT&CK techniques
Introducing Chain Reactor
Testing initial access with “Generate-Macro” in Atomic Red Team