Mitigating Insider Threats in the New Normal
An attacker’s most efficient approach to a pay day is to land on a host and then ‘live off the land’ using the residue of errant credentials and connections left behind from the course of daily operations―cached domain admin credentials, disconnected RDP sessions, local admin accounts using the same password, and more. Once an attacker grabs domain credentials, the odds are against you successfully detecting lateral (or vertical to cloud) movement when their activity appears ‘normal’ to most security tools and established baselines. Given the turbulent state of IT security driven by massive employee shifts to WFH status, existing tools are all the more challenged to discern real threats from false positive anomalies. To flip the odds in your favor, we will share how distributed, endpoint-based deception technology is helping deliver incontrovertible detection of attacks in motion, be it external threat actors or malicious insiders. Rather than resource intensive ‘probabilistic’ alerts that end up as false alarms, deception technology has emerged as a ‘deterministic’ solution for early attack detection, allowing organizations to build new forms of automated threat response armed with precise, source based forensics.
About Illusive Networks
What is a Virtual Roundtable?
A Virtual Roundtable is a thought-leading discussion between senior corporate leaders using video conferencing technology. Offering a digital alternative to physical business events and roundtable dinners, Virtual Roundtables help professionals to identify actionable solutions to their key challenges without the need to leave their home or office.