Cyber Threat Workshops

Special Edition: Defend Your Global Attack Surface: Threat Intelligence + XDR

In this special edition of RiskIQ’s Cyber Threat Workshop, we show how to extend security to global scale by leveraging inside and outside views of the attack surface.

Our team harnesses the power of the Microsoft XDR platform and combines it with RiskIQ’s unique threat intelligence to identify the most relevant threats and actionable indicators, accelerate incident response, and modernize security operations. Using RiskIQ’s adversary-fingerprinting and threat tracking, Microsoft’s industry-leading platform enables the world’s only adaptive XDR for pre- and post-breach response.

Lab exercises cover contemporary threats, such as mobile and consumer attacks (e.g. Magecart, cross-site scripting, and ransomware), and provide step-by-step guidance for incorporating adversary-fingerprinting into detection rules and schemas. Finally, RiskIQ and Microsoft threat specialists show how to automate workflows to defend against threats today and threats yet to be deployed.

Web-based Threats

  • Internet Graphing and Adversary-Fingerprinting
  • Security Telemetry: Inside and Outside
  • Vulnerability Intelligence for Scaled Defense

Relevant Intelligence + Scaled Defense

  • Expand threat search from one to thousands
  • Newly observed hosts, domains, malware infrastructure, and phishing campaigns
  • Identify relationships and related infrastructure, including depth indicators from certificates, banners, and NetFlow

Actionable Insights + Adaptive Response

  • Automated workflows leveraging real-world threat observations
  • Learn new techniques for attribution, from system to user to threat group
  • Find and eliminate global-scale attacks and campaigns
  • Safeguard your organization against malicious tooling and distribution

We explore how tooling and malicious distribution (adversary-threat infrastructure) propagate threats throughout the global attack surface. Often, these malicious systems are implicated in ransomware and phishing attacks and serve as a federated launching pad for global-scale attacks, such as the HAFNIUM and Nobelium cyber threats in early 2021.

Additionally, RiskIQ and Microsoft security experts share their insights and demonstrate how XDR capabilities powered by vulnerability intelligence can mitigate worldwide exposures and deploy incident response measures to rapidly eliminate threats entangled with your external attack surface.

Hands-on labs and exercises show how to expose real-life malicious and/or risky applications, hosts, domains, and components from services to silicon—every layer of your exploitable attack surface.

Attend and Learn:

  • Introduction: Security Intelligence + XDR
  • Introduction to adversary-threat fingerprinting and tracking
  • Techniques for identifying distributed malicious infrastructure
  • How to identify threats entangled with the external attack surface
  • How to apply and automate threat intelligence for scaled defense and response
  • Real-world use cases with hands-on exercises, labs, and investigations