Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Unmanaged endpoints like IoT devices represent a significant and growing risk surface. Network Detection and Response (NDR) solutions monitor network traffic to generate rich security evidence that enables asset inventory, vulnerability assessment and threat monitoring. In this presentation, experts from Corelight and Microsoft will walk you through how it works and how it can improve your security posture.

This bone-chilling webinar will cover: A spine-tingling hands-on-keyboard scenario of a motivated and capable insider threat working with the ghoulish adversary. Use of realistic and terrifying exploits and offensive security tools to simulate adversary TTPs, and how organizations are able to hunt for them. A practical threat hunting session demonstrating true behavioral hunting that walks participants through not only how the attack was carried out, but also how they can hunt for this insidious behavior in their own environments.

With increases in remote work, VPN and RDP services are prime targets for gaining unauthorized access to organizations. RDP services secured by passwords are subject to brute-force guessing and credential stuffing attacks, not to mention remote exploitation. Advisories are using RDP to gain initial access to organizations and then pivot to distribute and spread ransomware. In this technical training, we will take a deep dive look at threats to RDP services, adversarial TTP involving RDP, and explore how artifacts from encrypted RDP sessions are leveraged to build detections.

With the rise in distributed workforces both SSH and RDP connections have proliferated as remote employees connect to sensitive internal environments and machines to do their job. Unfortunately, these remote-friendly protocols are also prime attack targets and once compromised give adversaries a clear path to move laterally, deploy ransomware, and more.

Many organizations find that today’s security tools are not built for petabyte scale, long-term telemetry retention and are often cost prohibitive. Ingestion based pricing forces customers to limit what data is collected and retained, resulting in both more false positives and missed valid threats. Learn how enterprises can leverage all of their high-fidelity network data to gain a comprehensive, accurate and real-time understanding of your environment at any scale, on-prem or in the cloud.

Organizations are experiencing an increase in both threat volumes and complexity, leaving corporate security teams with the ongoing challenge of balancing workloads across a broader attack surface. IT and security teams struggle to identify all their endpoints and are often unable to install Endpoint Detection and Response (EDR) software on every known endpoint device, leaving security gaps that increase business risk. Network visibility is crucial for multi-layer defense and provides critical data to fill endpoint visibility gaps.

Give your security teams 10x the retention length at 50% the cost of full PCAP. Watch this webcast and you'll discover how to.

While the security industry spends a lot of time and energy getting more and/or better alerts, comparatively little investment has gone into helping analysts operationalize and contextualize those alerts. This webcast will discuss how a solid foundation of network telemetry can enable not only high-velocity, high-confidence processing of alerts of all stripes, but also a host of other critical security applications, from fundamentals like asset management to advanced techniques like proactive threat hunting. Real-world examples and code will be used throughout the talk, along with practical considerations for operating in an enterprise environment.

Discover the power of the world’s best network security monitor, Zeek, and how Corelight makes it much simpler to use. Find out why elite defenders have used the evidence Zeek produces to accelerate their investigations, amplify their threat hunting capabilities, speed up analytics and more in this short intro.

Security teams can save up to 10x the packet retention period at 50% the cost compared to full packet capture! Sounds too good to be true, right? It’s not! With powerful, yet easy-to-use pcap levers we let security teams capture just the packets needed for investigations, and correlate them with our alerts and logs, and make packets 1-click retrievable. With Smart PCAP you get months, not days' worth of packet visibility.