
Ensign Talks: Modern Threat Hunting for the Digital Age

Modern-day cyberattacks are evolving so fast that they can evade traditional detection tools. They can remain hidden in critical networks for months on end, wreaking havoc before they’re detected. Do you have processes and threat hunters in place for an efficient incident response? This webinar focuses on effective ways of building and operationalising a threat hunting team, as well as on understanding adversaries’ TTPs, malware trends and threat hunting platforms.


Modern-day cyber attacks are evolving at an unprecedented speed. These attacks are specially designed to evade traditional detection tools, remaining hidden in critical networks for months. It’s usually too late when they’re detected; the damage has already been done.

Uncovering such cyber attacks does not surprise most experienced and effective cybersecurity teams. Just as emergency first responders know how to handle a fire or a hurricane, cybersecurity first responders know what to do in the event of a major cyber attack. Is your team adequately prepared for security incidents with tools for early threat detection? Have you implemented processes for efficient incident response?

This panel discussion aims to help you and your cybersecurity team build and develop effective threat hunting capabilities. Ensign’s panel of experts will discuss current case studies of how the market prepares for, detects, and manages advanced cyber attacks. You’ll gain insights on steps taken by other enterprises, as well as hear about tools and best practices for designing an effective threat hunting programme.


Topic: The Cyber Threat Landscape and Key Considerations when building a Threat Hunting team

The digital age brings about unprecedented technological advancement, increased productivity and access to information. But as the digital realm expands, so does the attack surface of organisations. There is now more sensitive data in the digital realm and in the Cloud that is vulnerable to cyber attacks. As such, Cyber Defence has to evolve with the times. Instead of sitting and waiting for an attack to occur, organisations must rethink their strategy to take on a more proactive approach in threat detection and response. In this session, Xiang Zheng will share on:

  • The redefined defence strategy from passive to active
  • Different levels of threat visibility: pervasive, foresight, insight, hindsight
  • Key considerations when deciding between in-house, outsourced and hybrid threat hunting team models

Topic: Malware Trends and Evolving Threat Actor Tactics, Techniques and Procedures (TTPs)

The first computer virus was discovered in the 1970s; its functions were simple and easily detected by anti-virus signatures. Fast-forward to today’s digital age, and malware has become increasingly evasive and polymorphic, requiring advanced detection tools to detect it. Fileless malware and its attack techniques, such as Windows Registry Manipulation and Memory Code Injection, are becoming commonplace, and they pose new and heightened risks for organisations. In this session, you will get to learn more about:

  • The evolution from signature-based threats to behaviour-based threats
  • The three fileless malware attack tactics and techniques
  • Taking on a threat-based approach in anomaly detection

Topic: Demystifying Threat Hunting Platforms of EPP, EDR and NTA

In today’s digital age, signature-based detection tools are insufficient to provide the detection and response capabilities needed to combat emerging cyber threats. Among the more advanced tools are Endpoint Detection & Response (EDR) and Network Traffic Analysis (NTA) solutions, which provide enhanced visibility and the ability to detect threats that bypass front-line defences. But how do they compare against and/or complement one another? In this session, Rodrick will share more about:

  • The different threat hunting platforms and the unique purposes they serve
  • Designing and building an integrated solution to detect and respond to both north-south and east-west traffic

Topic: Operationalising a Threat Hunting team

Threat Hunting is only as effective as the team behind it. Compared to traditional tools like Anti-virus, Intrusion Prevention or Detection Solutions, and Firewalls, using advanced tools such as EDR and NTA requires active supervision and the skillsets to investigate, respond, remediate and contain breaches. In this age where cybersecurity talent is a scarce resource, automation plays a huge role in complementing threat analysts in their investigation processes. Highlights of this session include:

  • How to operationalise a threat hunting programme, and the common challenges to overcome
  • Leveraging automation to enable analysts to perform more important investigative work
  • Real-world case studies on hunting for behaviour-based threats and fileless attacks

Wednesday, 02 Sep 2020
03:00 PM - 04:00 PM
Thank you. The event has ended.