EDR + NGAV Working Together: SANS Review of Carbon Black Cb Defense

  • Friday, 15 Sep 2017 1:00PM EDT (15 Sep 2017 17:00 UTC)
  • Speakers: Jerry Shenk, Brian Gladstein

Endpoints of all types are falling victim to phishing, ransomware, wipeware, zero days, DDoS and other damaging attacks, according to multiple SANS surveys and industry reports. IoT devices are being conscripted into botnets to launch DDoS attacks, new variants of ransomware are being released and spreading at astonishing speeds, and the most cunning attackers are actively searching and traversing entire networks of endpoints (and hiding their tracks).

In this webcast, learn how next-generation antivirus (NGAV), combined with the power of endpoint detection and response (EDR), can accurately and completely connect the dots between suspicious and unauthorized activities to detect and fully remediate real threats.

SANS analyst Jerry Shenk will reveal how he put Carbon Black's Cb Defense through simulated ransomware, malware and various malwareless attacks to see what it detected and how it took action. He will discuss how Cb Defense NGAV detects these threats, how the Cb Defense EDR maps suspicious activity and patterns into attack visualizations for incident response and remediation, and how Cb Defense shows the attack chain and the steps of remediation. Specifically, learn how Cb Defense detects, reacts to and helps remediate the following:

  • Simple, known malware
  • Command shell attacks via NetCat
  • PowerShell attacks
  • Ransomware attacks based on new variants

Click here and be among the first to receive access to the associated whitepaper written by Jerry Shenk.