Whitepaper by Matt Bromiley, a SANS Certified Digital Forensics and Incident Response instructor
Despite our best efforts, security practitioners are finding the same attacker return to their systems at least twice. Why is this happening? Are our detection methods working and if not, why not? This SANS whitepaper will look at the evolution of attackers, whether existing defences are working and how to improve our stance.
Discover some of the key challenges organisations are facing when it comes to understanding different adversaries, and how you can effectively remediate. Often organisations find themselves unprepared to tackle even some of the simplest of techniques employed by cyber attackers – this has led to unprecedented success and longevity, because many adversaries use these gaps to their advantage as they sweep through corporate and IoT networks.
Readers will learn techniques used to identify, remediate and eradicate attackers as well as tips for successfully using deception techniques, including traps and lures. A case study will illustrate key recommendations.
This whitepaper from SANS will cover the following:
Complete the form and receive a copy of the whitepaper to learn more about how deception technology can help you address cyber adversaries.
Matt Bromiley is a SANS Certified Digital Forensics and Incident Response instructor, teaching Advanced Digital Forensics, Incident Response, and Threat Hunting (FOR508) and Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response (FOR572), and a GIAC Advisory Board member. He is also a principal incident response consultant at a major incident response and forensic analysis company, combining experience in digital forensics, incident response/triage and log analytics. His skills include disk, database, memory and network forensics, as well as network security monitoring. Matt has worked with clients of all types and sizes, from multinational conglomerates to small, regional shops. He is passionate about learning, teaching and working on open source tools.