WebinarsDetection and response
Joe Moles Rick McElroy

Detecting post exploitation with EDR

 

Put the tools in place to detect attackers post-exploit.

The latest post-exploit kits provide hackers with everything they need to slip into a network and freely move around. Many of these attacks do not contain signatures and rely on behaviors capable of evading even advanced security tooling. Endpoint detection and response (EDR) is designed to find attackers after they have bypassed all of your other tooling.

Watch and learn:

  • Ways to detect common and advanced post exploitation behaviors
  • Real-world examples of actual endpoint telemetry and process executions
  • How EDR detects this type of behavior and why other tools miss it
 
Test your visibility into the top 10 ATT&CK techniques
 
Introducing Chain Reactor
 
Testing initial access with “Generate-Macro” in Atomic Red Team
 
Testing the Top MITRE ATT&CK Techniques: PowerShell, Scripting, Regsvr32