Grab your detective hat (white, of course) and join NetWitness for an hour of threat hunting intrigue. We’ll study a mock attacker, hunting down security threats and following a trail of cyber breadcrumbs, infiltrations, and threat detection events that can help your organization stay vigilant and keep your operations secure.
In this threat hunting session you’ll uncover:
• How to engage the EDR and NDR capabilities of the NetWitness Platform for your organization’s security needs
• How you can carve, reconstruct, and analyze suspicious behaviors, attacks, and data
• How best to examine the investigative workflow, learn time-saving critical features, and study tips and tricks from other cases
This is the first of a two-part series. While you don’t need to attend both sessions, Part 2 in April will be an intriguing case study where we’ll respond to the threats we hunted for in this Part 1.
Join us for this on-demand webinar as we go through the most common troubleshooting tips and tricks for the NetWitness Platform.
Our systems engineering experts will share with you their real-world experience and you will learn that solving most troubleshooting tasks is a breeze that you can do yourself.
Register now to learn the art of NetWitness troubleshooting.
Join Dave Glover, aka The Logfather, for this virtual insider training session that goes behind-the-scenes on logging complexities and enhances your threat detection and IR skills.
Join Threat Connect and NetWitness for an engaging conversation.
For far too long cyber security organizations have been more focused on keeping pace with the businesses digital transformation by throwing people and tools at the problem. It’s time to focus on ourselves. By supporting our own digital transformation we will be well equipped to keep pace with the needs of the business and embrace the speed at which things are changing. This presentation will talk about how security must fundamentally change how we operate and deliver value to customers. It will also discuss the cultural change that requires organizations to continually challenge the status quo, experiment, and get comfortable with the updated business of cybersecurity.
Feeding the Everyday Detection Monster: Manual and Automated processes that enable better threat detection
The SOC is often tasked researching threats, gathering data, and applying intel to everyday detection/hunting. In this webinar we’ll go over both a manual process utilizing open source tool(s) and an automated process with NetWitness Orchestrator. We’ll effectively apply both processes to the NetWitness Platform for detection and hunting purposes
Too many enterprises today are in a reactive, firefighting mode when it comes to incident response. The MITRE ATT&CK framework is gaining popularity as a structured way to approach vulnerabilities, threats and remediation. Yet a recent study showed that even though 82% of cybersecurity professionals are familiar with the MITRE ATT&CK framework, only 8% said they used it regularly. The challenge: How to operationalize the framework.
Register for this executive roundtable to gain key insights about putting MITRE ATT&CK to work and to discuss with your peers.
A security operations center (SOC) is full of (expensive) technology and (even more expensive) people, and they don’t always get along. Why do organizations consistently struggle with building out – and maintaining – their basic threat detection and response functions to meet today’s adversaries? Attendees of this session will learn about the five quickest paths to ensure failure in a SOC and will have the opportunity to ask questions.
Are you still relying exclusively on your SIEM as your primary tool in your threat detection and response toolbox? There is so much more visibility you need within your environment today, above and beyond capturing details from your logs. Join us to learn more about the power of extended detection and response (XDR) – and better yet, from a provider who started down this path years ago, starting with a SIEM and today offering a full-blown XDR platform. This session will be led by the NetWitness Field CTO Ben Smith and our lead Principal Systems Engineer, Nak Kwak. Nak will build a real attack framework and then defend with NetWitness.
First, our experts will give you an introduction to threat hunting while walking you through various threat hunting methodologies during the webinar session. We’ll discuss tactics and techniques used by world class hunters around the globe and give you the building blocks to start your analysts on the road to becoming threat hunters, regardless of skill level. Then, we’ll let you take things into your own hands with multi-stage "hands on" scenarios that will allow you to apply some of the techniques discussed during the session. Don’t sweat it if you feel overwhelmed. Our experts will be on hand to help you through the details, so everyone walks away with a solid grasp of the value of the hunt. Your final challenge will be to test your skills with a remote exercise that you’ll have 72 hours to complete. You’ll be competing against other workshop participants for CPE credits, the opportunity to win a prize, and the title of “Threat Hunter."
Cybersecurity monitoring and logging are critical to your ability to detect network events and potential cyber attacks. But if the sheer volume of log data and other challenges are getting in the way of a rapid and effective response to security threats, we have an offer you can’t refuse. This complimentary virtual training session led by RSA Principal Sales Engineer Dave Glover demystifies logging complexities and enhances your threat detection and IR skills. With more than 20 years in cybersecurity, there is very little that Dave Glover, aka The Logfather, hasn’t seen when it comes to infiltrators and cyber threats. In this one-hour session, Dave, an RSA Principal Sales Engineer, shares his in-depth knowledge of threat detection and describes relevant use cases through live demos using RSA NetWitness – but the concepts he presents can be applied to whatever tool you use.
A complimentary virtual training session that demystifies logging complexities and enhances your threat detection and IR skills. Cybersecurity monitoring and logging are critical to your ability to detect network events and potential cyber attacks. But if the sheer volume of log data and other challenges are getting in the way of a rapid and effective response to security threats, we have an offer you can’t refuse. You can’t get this type of insight and expert training from just anyone. With more than 20 years in cybersecurity, there is very little that Dave Glover, aka The Logfather, hasn’t seen when it comes to infiltrators and cyber threats. In this one-hour session, Dave, an RSA Principal Sales Engineer, shares his in-depth knowledge of threat detection and describes relevant use cases through live demos using RSA NetWitness – but the concepts he presents can be applied to whatever tool you use.
Are developers a liability or an asset when it comes to security? Check out Matias Madou, CTO of Secure Code Warrior, and RSA’s CTO Ben Smith as they discuss the importance of empowering developers to start left, not just shift left. Through this interactive session, they will touch on the importance of building a positive security environment that can be used in a dev team’s everyday practice.
Building on the popularity of the highly technical Operationalizing Incident Response workshop, RSA is offering a special virtual version of this in-person event. During the webinar, Shane Harsh will describe a business-driven security framework for the fundamentals of operational threat hunting and incident response. This will enable your organization to understand the essential elements required to build an effective, repeatable, and cross-functional IR plan. Shane will also share knowledge of operational best practices to successfully identify, contain, eradicate, and recover from cybersecurity incidents.
How do you begin your journey to an Intelligent SOC? Start by evaluating where your dimensions of visibility, analytics, automation, and risk fall. With that knowledge you can build your roadmap in a sequence that delivers maximum impact and cost effectiveness.
The internet of things (IoT) has presented numerous real or perceived security challenges, but edge computing promises a way to respond and overcome them, in part by giving security analysts and admins the ability to monitor, detect and handle IoT threats. RSA partner IOTech Systems joins us to show how IoT edge computing can help you get IoT under control and secured. During this exclusive webinar and demo: You’ll learn how IoT edge computing works conceptually and from a technical perspective. You’ll see via the demo: How IOTech’s Edge Xpert platform can be configured to efficiently and accurately ingest and aggregate data from multiple, different edge devices. How Edge Xpert seamlessly deploys and manages the RSA IoT Security Monitor Collector to provide security at the edge. You’ll learn how you can integrate RSA IoT security monitoring tools with your existing SIEM.