Loading Events

« All Events

  • This event has passed.

Combatting ransomware and APT activity with process-level monitoring

November 5, 2020

Combatting ransomware and APT activity with process-level monitoring

Ransomware has evolved from a commodity malware strain primarily targeting home users, to a devastating and effective tool in the arsenal of advanced threat groups. As these human operated cyberattacks continue to be a lucrative source of income for threat actors, ransomware will continue to pose a major threat to many organisations.

If threat actor activity can be detected in the environment early enough in the kill-chain, analysts stand a much better chance of unravelling the entire attack and reducing the risk to their organisation.

Join Dan Crossley, Sales Engineering Manager, LogRhythm and Imran Hafeez, LogRhythm Analytic Co-Pilot Consultant, to learn:
• The anatomy of a human operated ransomware attack
• What additional log data can be enabled within a Windows environment to allow better tracing of threat actor activity, including:
– Process creation with command-line execution
– PowerShell logging
– Microsoft Sysmon
• How you can trace and alert on possible threat actor activity within your environment, with these log sources

We hope you can join us for this 60-minute technical webinar.

Comments are closed.