LogRhythm’s story starts in 2002 with two friends and a common dream: Phil Villella (an experimental physicist) and Chris Petersen (an audit and compliance guru) wanted to develop solutions to growing and constant cybersecurity threats.
Together, they embarked on their journey as entrepreneurs, laying out their vision for automated collection, processing, and analysis of security event data. Over the course of the next few years, they turned their dream into a reality as they co-founded their company, and LogRhythm eventually became a leading security information and event management (SIEM) solution.
Worldwide HQ: 4780 Pearl East Circle, Boulder, CO 80301
Services Category: Threat Protection, Threat Prevention, Threat Management, Risk Management
In this webinar, LogRhythm threat detection research engineers join Ultimate Security Windows Host Randy Franklin Smith to zero in on the new standard to assess the effectiveness of your security monitoring and alerting capabilities — the MITRE ATT&CK framework.
The presenters will explore the most common techniques from the MITRE ATT&CK framework, demonstrate how attackers use them, and show you how you can use them to detect and respond to threats across the entire threat lifecycle. The five techniques that will be covered include:
1. Connection Proxy
2. Exfiltration Over Alternative Protocol
4. Drive-by Compromise
5. Service Execution
Good backups are not the solution to ransomware. Backups take time – time when your business is in complete limbo because it chose to completely shut down business operations out of “an abundance of caution.” (An abundance of caution that is too little too late in many cases.) Backups usually have a recovery interval which means some amount of lost transactions. Backups are also at risk of being encrypted, leaving valuable data unrecoverable. Good backups provide no protection at all against double-extortion schemes when the attacker threatens to leak your data if you don’t pay. Backups need to be considered a last resort.
Too often, when looking for malicious network traffic you either search for known bad or investigate anomalous traffic that doesn’t look normal. That reactive approach is time-consuming and potentially over-reliant on searching for larger concerns. Fortunately, new solutions use advanced analytics to proactively identify, enrich and alert on malicious traffic.