2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
CYBERSECURITY THREATS & NEXT-GEN ENDPOINT PROTECTION
Cayce Beames
• Sr Analyst, GRC at CrowdStrike
• 25 Years in IT and Security
• Really rather technical
• Co-founded a kids club to teach electronics, programming and robotics: www.thecomputerclub.org
1 Cybersecurity Threats
2 Attack Vectors
3 Ransomware
4 Why Traditional Security is Failing
5 What is “Next Gen Endpoint Protection?”
6 Questions / Discussion
CYBERSECURITY THREATS
The 100,000ft view
DATA BREACHES SINCE 2004: WHAT DO THEY ALL HAVE IN COMMON?
Existing Point Solutions (FW, AV, Sandbox, IPS, White Listing) FAILED TO STOP THE BREACH
“Legitimate user credentials were used in most hacking related data breaches, with some 81% of them using weak, default, or stolen passwords”
2017 Verizon Data Breach Investigations Report (DBIR)
STOPPING MALWARE IS NOT ENOUGH
[Figure: threat sophistication (low to high) plotted against "harder to prevent & detect" (low to high). Malware: 51%.]
YOU NEED COMPLETE BREACH PREVENTION
[Figure: threat sophistication (low to high) plotted against "harder to prevent & detect" (low to high), split into malware (51%) and non-malware attacks (49%). Adversary types labelled: nation-states, organized criminal gangs, hacktivists/vigilantes, terrorists, cyber-criminals.]
CYBERSECURITY THREATS
A Closer-up View
CYBERSECURITY THREATS - ADVERSARIES
• Adversaries are:
  • Better funded
  • More sophisticated
  • More patient
• Attacks are:
  • Well planned
  • Quietly executed
  • Often malware free
  • Encrypted
  • Cleaned up, leaving less evidence
NATION STATE ADVERSARY GROUPS
[Map labels: IRAN, RUSSIA, INDIA, NORTH KOREA, CHINA; ‘PANDA’, ‘BEAR’, ‘CHOLLIMA’, ‘TIGER’, ‘KITTEN’]
ADVERSARY PROFILE: ROCKET KITTEN
OPERATIONAL WINDOW: April 2014 - Present
OBJECTIVES: Recon, Lateral movement, Data Theft
TARGETING: Aerospace, Defense, Government
TOOLS: Word Macros, Core Impact, Gmail C2, FireMalv credential stealer, MPK post-exploitation toolkit
OTHER ADVERSARY GROUPS
CRIMINAL: SINGING SPIDER, UNION SPIDER, ANDROMEDA SPIDER
HACKTIVIST/ACTIVIST/TERRORIST: DEADEYE JACKAL, GHOST JACKAL, CORSAIR JACKAL, EXTREME JACKAL, FRATERNAL JACKAL
ATTACK VECTORS
A look into a recent case
ATTACK: DEMOCRATIC NATIONAL COMMITTEE
• Suspected Large Scale Phishing Campaign
• WMI, PowerShell and known malware SeaDaddy used. Malware fully modular for command and control
• IOCs indicated variation of known adversary, Fancy Bear
• CrowdStrike observed malicious activity in real time “hands on keyboard”
• Data was exfiltrated prior to our investigation, but ShimCache showed clear targeting
• DNC IT team reimages infected systems and builds new domain infrastructure
RANSOMWARE
• Propagates through unpatched/unknown (“0-day”) vulnerability
• Steals credentials
• Propagates further with valid credentials and built-in (aka malware free) tools such as WMI and psexec
• Encrypts data or master boot record
• Asks for ransom to be submitted in bitcoin
• Provides multi-language call center for support
• May or may not decrypt your data; may also destroy your data
• If email/domains are disabled, decryption keys may not be obtained
WHY TRADITIONAL SECURITY IS FAILING
UNDERTRAINED, UNDEREQUIPPED, UNDERSTAFFED, OVERWORKED
• Threats are more complex.
• Executives are not the security zealots that the security team is. Security is a steep learning curve for them.
• Employees and contractors are pushed harder.
• Every budget dollar is scrutinized.
• Tools are poorly used or are the wrong ones. Drowning in data. 27% of breaches were reported by a 3rd party!
• Processes are poorly executed and poorly automated.
• Training … How does your company train?
WHY TRADITIONAL SECURITY IS FAILING
Comparative Analysis
Adversary
• Well Funded
• State vs Corporation
• Organized Crime vs Individual
• More Sophisticated
• Better Tooling
• Better Trained
• More Patient
Organization Security Teams
• Funding is up, but to what benefit?
• Is it making a difference?
• Not very sophisticated
• Too much to do
• Not enough time
• Wrong, or poorly understood tools
• Poorly trained
• Less patient, too much stress!
WISDOM FROM SUN TZU
“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.”
• Do you know if your endpoints are currently compromised by a sophisticated actor?
• Are you protecting your remote users and compute environments against ransomware and other polymorphic threats?
• Do your existing security tools stop malware-free breaches?
WHAT IS THIS “NEXT GENERATION ENDPOINT PROTECTION” BUSINESS?!
NEXT-GEN ENDPOINT PROTECTION
• The enterprise endpoint protection platform (EPP) is an integrated solution that has the following capabilities:
  • Anti-malware
  • Personal firewall
  • Port and device control
• EPP solutions will also often include:
  • Vulnerability assessment
  • Application control and application sandboxing
  • Enterprise mobility management (EMM)
  • Memory protection
  • Endpoint detection and response (EDR) technology (see "Market Guide for Endpoint Detection and Response Solutions")
  • Data protection such as full disk and file encryption
  • Endpoint data loss prevention (DLP)
Next-Generation Endpoint Protection
Cloud Delivered. Enriched by Threat Intelligence
• MANAGED HUNTING
• ENDPOINT DETECTION AND RESPONSE
• NEXT-GEN ANTIVIRUS
OLD ENTERPRISE ARCHITECTURE
ON PREMISE SECURITY
MODERN ENTERPRISE ARCHITECTURE
[Diagram labels: CS Security Cloud, Public Cloud, Private Cloud, Mobile Worker, Remote Worker, Branch Office]
PROTECT ALL OF YOUR ASSETS
• No hardware to deploy and manage
• Protect endpoints outside of the Firewall
• Real-time updates
• Crowdsourced intelligence
BUSINESS VALUE
NEXT-GEN AV FEATURES
• Machine Learning
• IOA Behavioral Blocking
• Block Known Bad
• Exploit Mitigation
NEXT-GEN AV BENEFITS
PREVENTS ALL TYPES OF ATTACKS
• Protect against Known/Unknown Malware
• Protect Against Zero-Day Attacks
• Eliminate Ransomware
• No Signature Updates
• No User Impact: Less than 1% CPU overhead
• Reduce re-imaging time and costs
BUSINESS VALUE
TELEMETRY: 170 Countries / 18B Events per day
CORRELATION: Real-time and Retrospective
CAPABILITIES: Detection/Prevention/Forensics
Creates a Behavioral IOA Timeline
FIND THE UNKNOWN UNKNOWNS
ENDPOINT DETECTION AND RESPONSE FEATURES
• PREVENT AGAINST SILENT FAILURE
• DVR FOR ENDPOINT
ENDPOINT DETECTION AND RESPONSE BENEFITS
BUSINESS VALUE
• 5 Second Enterprise Search
• No Hardware or Storage Costs
• Full Spectrum Visibility
• Reduced Time to Remediation
MANAGED HUNTING
BREACH PREVENTION SERVICES
Team of Hunters Working for You 24 x 7
FEATURES
FINDING THE ADVERSARY So You Don’t Have To
MANAGED HUNTING
BUSINESS VALUE
• Force Multiplier
• Community Immunity
BENEFITS
• Reduce Alert Fatigue: Focus on What Matters!
• Stop the “Mega” Breach
FALCON ENDPOINT PROTECTION PLATFORM
Cloud Delivered
[Diagram labels: SERVICES; ENRICHED BY; POWERED BY; API; CROWDSTRIKE THREAT GRAPH™; CROWDSTRIKE INTELLIGENCE; CROWDSOURCED INTELLIGENCE; THIRD-PARTY INTELLIGENCE]
• FALCON OVERWATCH: Managed Hunting
• FALCON HOST: Endpoint Protection
• FALCON INTELLIGENCE: Threat Intelligence
SUGGESTED READING/VIEWING
• Gartner Magic Quadrant for Endpoint Protection Platforms 2017 (public web listing)
  • http://branden.biz/wp-content/uploads/2017/03/Magic-Quadrant-for-Endpoint-Protection-Platforms-2017.pdf
• CrowdStrike Cyber Intrusion Services Casebook
  • https://www.crowdstrike.com/resources/reports/crowdstrike-cyber-intrusion-services-casebook-2016/
• CrowdStrike Global Threat Report
  • https://www.crowdstrike.com/resources/reports/2015-global-threat-report/
• FireEye M-Trends Report
  • https://www.fireeye.com/current-threats/annual-threat-report/mtrends.html
• Verizon Data Breach Investigation Report
  • http://www.verizonenterprise.com/verizon-insights-lab/dbir/2017/
• George Kurtz presenting at Evolve 2017
  • https://youtu.be/WtmX-a-cayQ
• Abusing WMI, BlackHat 2015, Matt Graeber
  • https://www.blackhat.com/docs/us-15/materials/us-15-Graeber-Abusing-Windows-Management-Instrumentation-WMI-To-Build-A-Persistent%20Asynchronous-And-Fileless-Backdoor-wp.pdf
THANK YOU
Please enjoy some refreshments
Cayce Beames
Cayce.Beames@crowdstrike.com
https://www.linkedin.com/in/caycebeames/

More Related Content

What's hot

Threat hunting foundations: People, process and technology.pptx
Threat hunting foundations: People, process and technology.pptxThreat hunting foundations: People, process and technology.pptx
Threat hunting foundations: People, process and technology.pptxInfosec
ย 
Navigating Zero Trust Presentation Slides
Navigating Zero Trust Presentation SlidesNavigating Zero Trust Presentation Slides
Navigating Zero Trust Presentation SlidesIvanti
ย 
Threat Hunting
Threat HuntingThreat Hunting
Threat HuntingSplunk
ย 
Endpoint Security Solutions
Endpoint Security SolutionsEndpoint Security Solutions
Endpoint Security SolutionsThe TNS Group
ย 
Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelDavid J Rosenthal
ย 
Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...YouAttestSlideshare
ย 
CrowdStrike CrowdCast: Is Ransomware Morphing Beyond The Ability Of Standard ...
CrowdStrike CrowdCast: Is Ransomware Morphing Beyond The Ability Of Standard ...CrowdStrike CrowdCast: Is Ransomware Morphing Beyond The Ability Of Standard ...
CrowdStrike CrowdCast: Is Ransomware Morphing Beyond The Ability Of Standard ...CrowdStrike
ย 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to CybersecurityKrutarth Vasavada
ย 
Security Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMESecurity Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMEAlienVault
ย 
Role of Forensic Triage In Cyber Security Trends 2021
Role of Forensic Triage In Cyber Security Trends 2021Role of Forensic Triage In Cyber Security Trends 2021
Role of Forensic Triage In Cyber Security Trends 2021Amrit Chhetri
ย 
Software Security Frameworks
Software Security FrameworksSoftware Security Frameworks
Software Security FrameworksMarco Morana
ย 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation centerMuhammad Sahputra
ย 
SOAR and SIEM.pptx
SOAR and SIEM.pptxSOAR and SIEM.pptx
SOAR and SIEM.pptxAjit Wadhawan
ย 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Edureka!
ย 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]David Sweigert
ย 
Security Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and ToolsSecurity Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and ToolsYulian Slobodyan
ย 
Microsoft 365 Security Overview
Microsoft 365 Security OverviewMicrosoft 365 Security Overview
Microsoft 365 Security OverviewRobert Crane
ย 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Radar Cyber Security
ย 
Cyber threat intelligence ppt
Cyber threat intelligence pptCyber threat intelligence ppt
Cyber threat intelligence pptKumar Gaurav
ย 

What's hot (20)

Secure Coding and Threat Modeling
Secure Coding and Threat ModelingSecure Coding and Threat Modeling
Secure Coding and Threat Modeling
ย 
Threat hunting foundations: People, process and technology.pptx
Threat hunting foundations: People, process and technology.pptxThreat hunting foundations: People, process and technology.pptx
Threat hunting foundations: People, process and technology.pptx
ย 
Navigating Zero Trust Presentation Slides
Navigating Zero Trust Presentation SlidesNavigating Zero Trust Presentation Slides
Navigating Zero Trust Presentation Slides
ย 
Threat Hunting
Threat HuntingThreat Hunting
Threat Hunting
ย 
Endpoint Security Solutions
Endpoint Security SolutionsEndpoint Security Solutions
Endpoint Security Solutions
ย 
Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure Sentinel
ย 
Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...
ย 
CrowdStrike CrowdCast: Is Ransomware Morphing Beyond The Ability Of Standard ...
CrowdStrike CrowdCast: Is Ransomware Morphing Beyond The Ability Of Standard ...CrowdStrike CrowdCast: Is Ransomware Morphing Beyond The Ability Of Standard ...
CrowdStrike CrowdCast: Is Ransomware Morphing Beyond The Ability Of Standard ...
ย 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
ย 
Security Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMESecurity Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SME
ย 
Role of Forensic Triage In Cyber Security Trends 2021
Role of Forensic Triage In Cyber Security Trends 2021Role of Forensic Triage In Cyber Security Trends 2021
Role of Forensic Triage In Cyber Security Trends 2021
ย 
Software Security Frameworks
Software Security FrameworksSoftware Security Frameworks
Software Security Frameworks
ย 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation center
ย 
SOAR and SIEM.pptx
SOAR and SIEM.pptxSOAR and SIEM.pptx
SOAR and SIEM.pptx
ย 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
ย 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]
ย 
Security Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and ToolsSecurity Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and Tools
ย 
Microsoft 365 Security Overview
Microsoft 365 Security OverviewMicrosoft 365 Security Overview
Microsoft 365 Security Overview
ย 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025
ย 
Cyber threat intelligence ppt
Cyber threat intelligence pptCyber threat intelligence ppt
Cyber threat intelligence ppt
ย 

Similar to Evolving Cybersecurity Threats

DEFENDING AGAINST THREATS TARGETING THE MAC PLATFORM
DEFENDING AGAINST THREATS TARGETING THE MAC PLATFORMDEFENDING AGAINST THREATS TARGETING THE MAC PLATFORM
DEFENDING AGAINST THREATS TARGETING THE MAC PLATFORMCrowdStrike
ย 
Introduction to the Current Threat Landscape
Introduction to the Current Threat LandscapeIntroduction to the Current Threat Landscape
Introduction to the Current Threat LandscapeMelbourne IT
ย 
An Inside Look At The WannaCry Ransomware Outbreak
An Inside Look At The WannaCry Ransomware OutbreakAn Inside Look At The WannaCry Ransomware Outbreak
An Inside Look At The WannaCry Ransomware OutbreakCrowdStrike
ย 
Understanding Fileless (or Non-Malware) Attacks and How to Stop Them
Understanding Fileless (or Non-Malware) Attacks and How to Stop ThemUnderstanding Fileless (or Non-Malware) Attacks and How to Stop Them
Understanding Fileless (or Non-Malware) Attacks and How to Stop ThemCrowdStrike
ย 
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundaryDean Iacovelli
ย 
Cyber-Security-Presentation-2_2017.pptx.ppt
Cyber-Security-Presentation-2_2017.pptx.pptCyber-Security-Presentation-2_2017.pptx.ppt
Cyber-Security-Presentation-2_2017.pptx.pptNiteshRajput1123
ย 
Cyber Resilency VANCOUVER, BC Nov 2017
Cyber Resilency VANCOUVER, BC  Nov 2017  Cyber Resilency VANCOUVER, BC  Nov 2017
Cyber Resilency VANCOUVER, BC Nov 2017 Kevin Murphy
ย 
Triangulum - Ransomware Evolved - Why your backups arent good enough
Triangulum - Ransomware Evolved - Why your backups arent good enoughTriangulum - Ransomware Evolved - Why your backups arent good enough
Triangulum - Ransomware Evolved - Why your backups arent good enoughMartin Opsahl
ย 
Carbon Black: Keys to Shutting Down Attacks
Carbon Black: Keys to Shutting Down AttacksCarbon Black: Keys to Shutting Down Attacks
Carbon Black: Keys to Shutting Down AttacksMighty Guides, Inc.
ย 
Emerging Threats to Infrastructure
Emerging Threats to InfrastructureEmerging Threats to Infrastructure
Emerging Threats to InfrastructureJorge Orchilles
ย 
Beveilig je data met windows 10
Beveilig je data met windows 10 Beveilig je data met windows 10
Beveilig je data met windows 10 Avanade Nederland
ย 
MT 117 Key Innovations in Cybersecurity
MT 117 Key Innovations in CybersecurityMT 117 Key Innovations in Cybersecurity
MT 117 Key Innovations in CybersecurityDell EMC World
ย 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with SplunkSplunk
ย 
World of Watson 2016 - Information Insecurity
World of Watson 2016 - Information InsecurityWorld of Watson 2016 - Information Insecurity
World of Watson 2016 - Information InsecurityKeith Redman
ย 
VeriSign iDefense Security Intelligence Services
VeriSign iDefense Security Intelligence ServicesVeriSign iDefense Security Intelligence Services
VeriSign iDefense Security Intelligence ServicesTechBiz Forense Digital
ย 
VeriSign iDefense Security Intelligence Services
VeriSign iDefense Security Intelligence ServicesVeriSign iDefense Security Intelligence Services
VeriSign iDefense Security Intelligence ServicesTechBiz Forense Digital
ย 
Verisign iDefense Security Intelligence Services
Verisign iDefense Security Intelligence ServicesVerisign iDefense Security Intelligence Services
Verisign iDefense Security Intelligence ServicesTechBiz Forense Digital
ย 
Netwatcher Credit Union Tech Talk
Netwatcher Credit Union Tech TalkNetwatcher Credit Union Tech Talk
Netwatcher Credit Union Tech TalkNetWatcher
ย 
PCM Vision 2019 Breakout: IBM | Red Hat
PCM Vision 2019 Breakout: IBM | Red HatPCM Vision 2019 Breakout: IBM | Red Hat
PCM Vision 2019 Breakout: IBM | Red HatPCM
ย 
Cisco Connect Toronto 2017 - Security Through The Eyes of a Hacker
Cisco Connect Toronto 2017 -  Security Through The Eyes of a HackerCisco Connect Toronto 2017 -  Security Through The Eyes of a Hacker
Cisco Connect Toronto 2017 - Security Through The Eyes of a HackerCisco Canada
ย 

Similar to Evolving Cybersecurity Threats (20)

DEFENDING AGAINST THREATS TARGETING THE MAC PLATFORM
DEFENDING AGAINST THREATS TARGETING THE MAC PLATFORMDEFENDING AGAINST THREATS TARGETING THE MAC PLATFORM
DEFENDING AGAINST THREATS TARGETING THE MAC PLATFORM
ย 
Introduction to the Current Threat Landscape
Introduction to the Current Threat LandscapeIntroduction to the Current Threat Landscape
Introduction to the Current Threat Landscape
ย 
An Inside Look At The WannaCry Ransomware Outbreak
An Inside Look At The WannaCry Ransomware OutbreakAn Inside Look At The WannaCry Ransomware Outbreak
An Inside Look At The WannaCry Ransomware Outbreak
ย 
Understanding Fileless (or Non-Malware) Attacks and How to Stop Them
Understanding Fileless (or Non-Malware) Attacks and How to Stop ThemUnderstanding Fileless (or Non-Malware) Attacks and How to Stop Them
Understanding Fileless (or Non-Malware) Attacks and How to Stop Them
ย 
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
ย 
Cyber-Security-Presentation-2_2017.pptx.ppt
Cyber-Security-Presentation-2_2017.pptx.pptCyber-Security-Presentation-2_2017.pptx.ppt
Cyber-Security-Presentation-2_2017.pptx.ppt
ย 
Cyber Resilency VANCOUVER, BC Nov 2017
Cyber Resilency VANCOUVER, BC  Nov 2017  Cyber Resilency VANCOUVER, BC  Nov 2017
Cyber Resilency VANCOUVER, BC Nov 2017
ย 
Triangulum - Ransomware Evolved - Why your backups arent good enough
Triangulum - Ransomware Evolved - Why your backups arent good enoughTriangulum - Ransomware Evolved - Why your backups arent good enough
Triangulum - Ransomware Evolved - Why your backups arent good enough
ย 
Carbon Black: Keys to Shutting Down Attacks
Carbon Black: Keys to Shutting Down AttacksCarbon Black: Keys to Shutting Down Attacks
Carbon Black: Keys to Shutting Down Attacks
ย 
Emerging Threats to Infrastructure
Emerging Threats to InfrastructureEmerging Threats to Infrastructure
Emerging Threats to Infrastructure
ย 
Beveilig je data met windows 10
Beveilig je data met windows 10 Beveilig je data met windows 10
Beveilig je data met windows 10
ย 
MT 117 Key Innovations in Cybersecurity
MT 117 Key Innovations in CybersecurityMT 117 Key Innovations in Cybersecurity
MT 117 Key Innovations in Cybersecurity
ย 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with Splunk
ย 
World of Watson 2016 - Information Insecurity
World of Watson 2016 - Information InsecurityWorld of Watson 2016 - Information Insecurity
World of Watson 2016 - Information Insecurity
ย 
VeriSign iDefense Security Intelligence Services
VeriSign iDefense Security Intelligence ServicesVeriSign iDefense Security Intelligence Services
VeriSign iDefense Security Intelligence Services
ย 
VeriSign iDefense Security Intelligence Services
VeriSign iDefense Security Intelligence ServicesVeriSign iDefense Security Intelligence Services
VeriSign iDefense Security Intelligence Services
ย 
Verisign iDefense Security Intelligence Services
Verisign iDefense Security Intelligence ServicesVerisign iDefense Security Intelligence Services
Verisign iDefense Security Intelligence Services
ย 
Netwatcher Credit Union Tech Talk
Netwatcher Credit Union Tech TalkNetwatcher Credit Union Tech Talk
Netwatcher Credit Union Tech Talk
ย 
PCM Vision 2019 Breakout: IBM | Red Hat
PCM Vision 2019 Breakout: IBM | Red HatPCM Vision 2019 Breakout: IBM | Red Hat
PCM Vision 2019 Breakout: IBM | Red Hat
ย 
Cisco Connect Toronto 2017 - Security Through The Eyes of a Hacker
Cisco Connect Toronto 2017 -  Security Through The Eyes of a HackerCisco Connect Toronto 2017 -  Security Through The Eyes of a Hacker
Cisco Connect Toronto 2017 - Security Through The Eyes of a Hacker
ย 

More from Nevada County Tech Connection

Robotics: Vision-Aided Navigation and Motion Path Planning on Low-End Android...
Robotics: Vision-Aided Navigation and Motion Path Planning on Low-End Android...Robotics: Vision-Aided Navigation and Motion Path Planning on Low-End Android...
Robotics: Vision-Aided Navigation and Motion Path Planning on Low-End Android...Nevada County Tech Connection
ย 
John Selep: Resources available to the AgTech industry
John Selep: Resources available to the AgTech industryJohn Selep: Resources available to the AgTech industry
John Selep: Resources available to the AgTech industryNevada County Tech Connection
ย 
Robert Tse: Broadband and the Future of Agriculture
Robert Tse: Broadband and the Future of AgricultureRobert Tse: Broadband and the Future of Agriculture
Robert Tse: Broadband and the Future of AgricultureNevada County Tech Connection
ย 
Gabriel Youtsey: AgTech18 Conference, Nevada County, CA February, 18
Gabriel Youtsey: AgTech18 Conference, Nevada County, CA February, 18Gabriel Youtsey: AgTech18 Conference, Nevada County, CA February, 18
Gabriel Youtsey: AgTech18 Conference, Nevada County, CA February, 18Nevada County Tech Connection
ย 
Artificial Intelligence for Start-Up Funding Success
Artificial Intelligence for Start-Up Funding SuccessArtificial Intelligence for Start-Up Funding Success
Artificial Intelligence for Start-Up Funding SuccessNevada County Tech Connection
ย 
Rising Above The Noise With Your Tech Brand
Rising Above The Noise With Your Tech BrandRising Above The Noise With Your Tech Brand
Rising Above The Noise With Your Tech BrandNevada County Tech Connection
ย 

More from Nevada County Tech Connection (11)

Robotics: Vision-Aided Navigation and Motion Path Planning on Low-End Android...
Robotics: Vision-Aided Navigation and Motion Path Planning on Low-End Android...Robotics: Vision-Aided Navigation and Motion Path Planning on Low-End Android...
Robotics: Vision-Aided Navigation and Motion Path Planning on Low-End Android...
ย 
John Selep: Resources available to the AgTech industry
John Selep: Resources available to the AgTech industryJohn Selep: Resources available to the AgTech industry
John Selep: Resources available to the AgTech industry
ย 
Willa Leong: Farm Date Ownership
Willa Leong: Farm Date OwnershipWilla Leong: Farm Date Ownership
Willa Leong: Farm Date Ownership
ย 
Robert Tse: Broadband and the Future of Agriculture
Robert Tse: Broadband and the Future of AgricultureRobert Tse: Broadband and the Future of Agriculture
Robert Tse: Broadband and the Future of Agriculture
ย 
Gabriel Youtsey: AgTech18 Conference, Nevada County, CA February, 18
Gabriel Youtsey: AgTech18 Conference, Nevada County, CA February, 18Gabriel Youtsey: AgTech18 Conference, Nevada County, CA February, 18
Gabriel Youtsey: AgTech18 Conference, Nevada County, CA February, 18
ย 
Mobile Apps - From Ideas to Excecution
Mobile Apps - From Ideas to ExcecutionMobile Apps - From Ideas to Excecution
Mobile Apps - From Ideas to Excecution
ย 
Artificial Intelligence for Start-Up Funding Success
Artificial Intelligence for Start-Up Funding SuccessArtificial Intelligence for Start-Up Funding Success
Artificial Intelligence for Start-Up Funding Success
ย 
Augmented Reality - Today and the Future
Augmented Reality - Today and the FutureAugmented Reality - Today and the Future
Augmented Reality - Today and the Future
ย 
Rising Above The Noise With Your Tech Brand
Rising Above The Noise With Your Tech BrandRising Above The Noise With Your Tech Brand
Rising Above The Noise With Your Tech Brand
ย 
How to Shoot your Company in the Foot
How to Shoot your Company in the FootHow to Shoot your Company in the Foot
How to Shoot your Company in the Foot
ย 
The Promise of BlockChain
The Promise of BlockChainThe Promise of BlockChain
The Promise of BlockChain
ย 

Recently uploaded

Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune  6297143586  Hot Model With Sexy Bhabi Ready For S...Katraj ( Call Girls ) Pune  6297143586  Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...tanu pandey
ย 
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency""Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"growthgrids
Evolving Cybersecurity Threats

  • 1. 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED. CYBERSECURITY THREATS & NEXT-GEN ENDPOINT PROTECTION
  • 2. Cayce Beames: Sr Analyst, GRC at CrowdStrike; 25 Years in IT and Security; Really rather technical; Co-founded a kids club to teach electronics, programming and robotics: www.thecomputerclub.org
  • 3. 1 Cybersecurity Threats; 2 Attack Vectors; 3 Ransomware; 4 Why Traditional Security is Failing; 5 What is “Next Gen Endpoint Protection?”; 6 Questions / Discussion
  • 4. CYBERSECURITY THREATS: The 100,000ft view
  • 5. DATA BREACHES SINCE 2004: WHAT DO THEY ALL HAVE IN COMMON?
  • 6. FW, AV, Sandbox, IPS, White Listing: Existing Point Solutions FAILED TO STOP THE BREACH
  • 7. “Legitimate user credentials were used in most hacking related data breaches, with some 81% of them using weak, default, or stolen passwords” (2017 Verizon Data Breach Investigations Report (DBIR))
  • 10. CYBERSECURITY THREATS: A Closer-up View
  • 11. CYBERSECURITY THREATS - ADVERSARIES. Adversaries are: Better funded; More sophisticated; More patient. Attacks are: Well planned; Quietly executed; Often malware free; Encrypted; Cleaned up, leaving less evidence
  • 12. NATION STATE ADVERSARY GROUPS: IRAN, RUSSIA, INDIA, NORTH KOREA, CHINA; ‘PANDA’, ‘BEAR’, ‘CHOLLIMA’, ‘TIGER’, ‘KITTEN’
  • 13. ADVERSARY PROFILE: ROCKET KITTEN. OPERATIONAL WINDOW: April 2014 - Present. OBJECTIVES: Recon, Lateral movement, Data Theft. TARGETING: Aerospace, Defense, Government. TOOLS: Word Macros, Core Impact, Gmail C2, FireMalv credential stealer, MPK post-exploitation toolkit
  • 14. OTHER ADVERSARY GROUPS. CRIMINAL: SINGING SPIDER, UNION SPIDER, ANDROMEDA SPIDER. HACKTIVIST/ACTIVIST/TERRORIST: DEADEYE JACKAL, GHOST JACKAL, CORSAIR JACKAL, EXTREME JACKAL, FRATERNAL JACKAL
  • 15. ATTACK VECTORS: A look into a recent case
  • 16. ATTACK: DEMOCRATIC NATIONAL COMMITTEE. Suspected Large Scale Phishing Campaign. WMI, PowerShell and known malware SeaDaddy used. Malware fully modular for command and control. IOCs indicated variation of known adversary, Fancy Bear. CrowdStrike observed malicious activity in real time, “hands on keyboard”. Data was exfiltrated prior to our investigation, but ShimCache showed clear targeting. DNC IT team reimages infected systems and builds new domain infrastructure.
  • 17. RANSOMWARE. Propagates through unpatched/unknown (“0-day”) vulnerability. Steals credentials. Propagates further with valid credentials and built-in (aka malware free) tools such as WMI and psexec. Encrypts data or master boot record. Asks for ransom to be submitted in bitcoin. Provides multi-language call center for support. May or may not decrypt your data, and may also destroy your data. If email/domains are disabled, decryption keys may not be obtained.
  • 18. WHY TRADITIONAL SECURITY IS FAILING
  • 19. UNDERTRAINED, UNDEREQUIPPED, UNDERSTAFFED, OVERWORKED. Threats are more complex. Executives are not the security zealots that the security team is. Security is a steep learning curve for them. Employees and contractors are pushed harder. Every budget dollar is scrutinized. Tools are poorly used or are the wrong ones. Drowning in data. 27% of breaches were reported by a 3rd party! Processes are poorly executed and poorly automated. Training … How does your company train?
  • 20. Comparative Analysis: WHY TRADITIONAL SECURITY IS FAILING. Adversary: Well Funded; State vs Corporation; Organized Crime vs Individual; More Sophisticated; Better Tooling; Better Trained; More Patient. Organization Security Teams: Funding is up, but to what benefit? Is it making a difference? Not very sophisticated. Too much to do. Not enough time. Wrong, or poorly understood tools. Poorly trained. Less patient, too much stress!
  • 21. WISDOM FROM SUN TZU: “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.”
  • 22. Do you know if your endpoints are currently compromised by a sophisticated actor? Are you protecting your remote users and compute environments against ransomware and other polymorphic threats? Do your existing security tools stop malware-free breaches?
  • 23. WHAT IS THIS “NEXT GENERATION ENDPOINT PROTECTION” BUSINESS?!
  • 24. NEXT-GEN ENDPOINT PROTECTION. The enterprise endpoint protection platform (EPP) is an integrated solution that has the following capabilities: Anti-malware; Personal firewall; Port and device control. EPP solutions will also often include: Vulnerability assessment; Application control and application sandboxing; Enterprise mobility management (EMM); Memory protection; Endpoint detection and response (EDR) technology (see "Market Guide for Endpoint Detection and Response Solutions"); Data protection such as full disk and file encryption; Endpoint data loss prevention (DLP)
  • 25. Next-Generation Endpoint Protection: Cloud Delivered. Enriched by Threat Intelligence. MANAGED HUNTING; ENDPOINT DETECTION AND RESPONSE; NEXT-GEN ANTIVIRUS
  • 26. OLD ENTERPRISE ARCHITECTURE: ON PREMISE SECURITY
  • 27. MODERN ENTERPRISE ARCHITECTURE: CS Security Cloud; Mobile Worker; Public Cloud; Private Cloud; Remote Worker; Branch Office
  • 28. MODERN ENTERPRISE ARCHITECTURE: Public Cloud; Private Cloud; Mobile Worker; Remote Worker; Branch Office; CS Security Cloud. PROTECT ALL OF YOUR ASSETS. BUSINESS VALUE: No hardware to deploy and manage; Protect endpoints outside of the Firewall; Real-time updates; Crowdsourced intelligence
  • 30. NEXT-GEN AV. BENEFITS. PREVENTS ALL TYPES OF ATTACKS: Protect against Known/Unknown Malware; Protect Against Zero-Day Attacks; Eliminate Ransomware; No Signature Updates; No User Impact (Less than 1% CPU overhead); Reduce re-imaging time and costs. BUSINESS VALUE. Machine Learning; IOA Behavioral Blocking; Block Known Bad; Exploit Mitigation
  • 31. FIND THE UNKNOWN UNKNOWNS. TELEMETRY: 170 Countries / 18B Events per day. CORRELATION: Real-time and Retrospective. CAPABILITIES: Detection / Prevention / Forensics. Creates a Behavioral IOA Timeline
  • 32. ENDPOINT DETECTION AND RESPONSE. FEATURES: PREVENT AGAINST SILENT FAILURE; DVR FOR ENDPOINT
  • 33. ENDPOINT DETECTION AND RESPONSE. PREVENT AGAINST SILENT FAILURE; DVR FOR ENDPOINT. BUSINESS VALUE, BENEFITS: 5 Second Enterprise Search; No Hardware or Storage Costs; Full Spectrum Visibility; Reduced Time to Remediation
  • 34. MANAGED HUNTING. FEATURES: BREACH PREVENTION SERVICES (Team of Hunters Working for You 24 x 7); FINDING THE ADVERSARY (So You Don’t Have To)
  • 35. MANAGED HUNTING. FINDING THE ADVERSARY (So You Don’t Have To); BREACH PREVENTION SERVICES (Team of Hunters Working for You 24 x 7). BUSINESS VALUE, BENEFITS: Force Multiplier; Community Immunity; Reduce Alert Fatigue: Focus on What Matters!; Stop the “Mega” Breach
  • 36. FALCON ENDPOINT PROTECTION PLATFORM: Cloud Delivered. SERVICES: FALCON OVERWATCH (Managed Hunting); FALCON HOST (Endpoint Protection); FALCON INTELLIGENCE (Threat Intelligence). ENRICHED BY: CROWDSTRIKE INTELLIGENCE; CROWDSOURCED INTELLIGENCE; THIRD-PARTY INTELLIGENCE. POWERED BY: CROWDSTRIKE THREAT GRAPH™. API
  • 37. SUGGESTED READING/VIEWING. Gartner Magic Quadrant for Endpoint Protection Platforms 2017 (public web listing): http://branden.biz/wp-content/uploads/2017/03/Magic-Quadrant-for-Endpoint-Protection-Platforms-2017.pdf ; CrowdStrike Cyber Intrusion Services Casebook: https://www.crowdstrike.com/resources/reports/crowdstrike-cyber-intrusion-services-casebook-2016/ ; CrowdStrike Global Threat Report: https://www.crowdstrike.com/resources/reports/2015-global-threat-report/ ; FireEye M-Trends Report: https://www.fireeye.com/current-threats/annual-threat-report/mtrends.html ; Verizon Data Breach Investigation Report: http://www.verizonenterprise.com/verizon-insights-lab/dbir/2017/ ; George Kurtz presenting at Evolve 2017: https://youtu.be/WtmX-a-cayQ ; Abusing WMI, BlackHat 2015, Matt Graeber: https://www.blackhat.com/docs/us-15/materials/us-15-Graeber-Abusing-Windows-Management-Instrumentation-WMI-To-Build-A-Persistent%20Asynchronous-And-Fileless-Backdoor-wp.pdf
  • 38. THANK YOU. Please enjoy some refreshments. Cayce Beames, Cayce.Beames@crowdstrike.com, https://www.linkedin.com/in/caycebeames/

Editor's Notes

  1. Better Funded: Nation state, organized crime and hacker collectives. More Sophisticated: Better trained, using more advanced technologies and developed tools, taking advantage of undisclosed “zero day” vulnerabilities. Taking more data, not always what we would expect. More Patient: Taking months to perform reconnaissance without detection. Well Planned: The time spent on reconnaissance, developing new tooling to exploit vulnerabilities. Quietly Executed: Using techniques to avoid detection, including on-the-box system utilities and encryption. Cleaned Up: Using secure delete, altering file times, clearing logs.