Enterprise Security Monitoring: Comprehensive Intel-Driven Detection

Join this HTCIA Members-Only Webinar and Earn CPEs!

On November 26, 2014 at 10:00am PST join our host David Bianco, well-known DFIR expert from Mandiant.

This is a great time to be in the detection field! More and more organizations are waking up to the fact that an effective detection program is a “must-have” to protect themselves against sophisticated threats. This creates a market for high-quality threat intelligence, and many groups are stepping up to meet this demand. With very little effort, your organization can connect to any number of quality data feeds, both commercial and free. However, this can lead to its own problems: almost no one is using threat intel effectively! Now that you’re drowning in a sea of intel, how do you make sense of it all and ensure that you are making maximum use of this information to provide the best possible detection strategies for your organization?

When you fully leverage your knowledge of an adversary to rapidly detect and respond to their attacks, you deny them access to their tradecraft. You become a harder target and they feel the burn! David developed the ESM method and its fundamental model, the “Pyramid of Pain”, while creating and running the worldwide detection program at a Fortune 5 company. Learn how to apply ESM in your org to bring the fight to the attackers!

Before coming to work as a DFIR subject matter expert at Mandiant, David spent five years helping to build an intel-driven detection & response program for a Fortune 5 company. He set detection strategies for a network of nearly 500 NSM sensors in over 160 countries and led response efforts for some of the company’s most critical incidents, mainly involving targeted attacks. He stays active in the community, speaking and writing on the subjects of Incident Detection & Response and Threat Intelligence.

To register for this webinar visit – https://htcia.org/event-registration/?ee=18

 
