Introduction to Threat Hunting with Network Metadata
The network metadata the Vectra platform produces can be valuable for threat investigations. Have you wondered how you could use the same metadata to proactively hunt for threats? In this webinar, Vectra Sidekick MDR analysts will describe techniques to identify three common attacker behaviors in your environment. Sidekick analysts will walk you through the specific workflows for each attack technique, provide best practices for hunting in your own environment, and answer questions about how to threat hunt using the Vectra platform. Recall will be used for this webinar. However, the same methodologies can be applied to network metadata obtained from Stream.
In this video you will learn how to:
► Hunt for three commonly utilized attack techniques
► Leverage multiple metadata types to uncover attack behavior
► Build custom Recall dashboards for your environment
More information: www.vectra.ai
► Website: https://www.vectra.ai/solutions/mitre-attack-model
► Ask a question on MITRE: https://support.vectra.ai/s/article/KB-VS-1158
► Blog: https://www.vectra.ai/blogpost/achieving-threat-hunting-consistency-with-the-mitre-att-ck-matrix
► Solution Brief: How Vectra Supports the MITRE Enterprise ATT&CK Framework https://www.vectra.ai/resources/cb-mitre-att-ck-for-enterprise
00:00 Introduction to Threat Hunting with Network Metadata
02:13 Why should you hunt?
03:19 Why hunt with network metadata?
04:38 What is Vectra Recall?
05:32 List of metadata streams
06:06 Common attributes to all metadata streams
06:40 What is DCSync?
09:43 Hunting for DCSync
10:20 Hunting for DCShadow
20:20 Hunting for PCExec
Video "Introduction to Threat Hunting with Network Metadata" from the Vectra AI channel