- This event has passed.
Combatting ransomware and APT activity with process-level monitoring
November 5, 2020
Ransomware has evolved from a commodity malware strain primarily targeting home users, to a devastating and effective tool in the arsenal of advanced threat groups. As these human operated cyberattacks continue to be a lucrative source of income for threat actors, ransomware will continue to pose a major threat to many organisations.
If threat actor activity can be detected in the environment early enough in the kill-chain, analysts stand a much better chance of unravelling the entire attack and reducing the risk to their organisation.
Join Dan Crossley, Sales Engineering Manager, LogRhythm and Imran Hafeez, LogRhythm Analytic Co-Pilot Consultant, to learn:
• The anatomy of a human operated ransomware attack
• What additional log data can be enabled within a Windows environment to allow better tracing of threat actor activity, including:
– Process creation with command-line execution
– PowerShell logging
– Microsoft Sysmon
• How you can trace and alert on possible threat actor activity within your environment, with these log sources
We hope you can join us for this 60-minute technical webinar.