Info

Enterprise Security Weekly (Video)

If you’re looking for advice and information on enterprise security solutions, look no further than Enterprise Security Weekly! We give you an “insider” perspective into security vendors, including coverage on new product announcements, integrations, funding, M&A, and more! Adrian, Tyler, Katie, and Sean have unique perspectives on the enterprise security landscape. All four hosts are former analysts. Adrian has been a consultant, practitioner, founder, and runs Security Weekly Labs. Tyler has spent many years as a marketing executive for security vendors. Katie has also recently moved to a vendor marketing role. Sean is founder and CTO at Trimarc Security, a professional services company which focuses on improving enterprise security. Together they provide valuable resources for protecting the enterprise and following the market each week!
RSS Feed Subscribe in Apple Podcasts
Enterprise Security Weekly (Video)
2024
April
March
February
January


2023
December
November
October
September
August
July
June
May
April
March
February
January


2022
December
November
October
September
August
July
June
May
April
March
February
January


2021
December
November
October
September
August
July
June
May
April
March
February
January


2020
December
November
October
September
August
July
June
May
April
March
February
January


2019
December
November
October
September
August
July
June
May
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
July
June
May
April


Categories

All Episodes
Archives
Categories
Now displaying: Page 1
Modern Threat Hunting with your SIEM on a $0 Budget - Ryan Fried - ESW #284 0
Aug 11, 2022

Security analysts can move past traditional Indicators of Compromise from threat intel like domains, hashes, URLs, and IP addresses. These indicators typically aren't valid shortly after the incidents happen. Modern threat hunting by doing things like reading recent and relevant security articles, pull out behaviors that attackers are doing like commands such as net group "domain admins" or RDPing from workstation to workstation and translating those to threat hunting queries. I will talk about how to start small and will give a few examples where we proactively found evil in our environment.

 

Segment Resources:

https://www.scythe.io/library/operationalizing-red-canarys-2022-threat-detection-report

https://www.itbrew.com/stories/2022/05/09/quantum-ransomware-can-now-move-from-entry-to-encryption-in-under-four-hours?utm_campaign=itb&utm_medium=newsletter&utm_source=morning_brew&mid=1e3360a49c0b72a4c0e4550356ffee54

https://www.cisa.gov/uscert/ncas/alerts/aa22-181a

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw284

0 Comments
Adding comments is not available at this time.
©© 2024 CyberRisk Alliance