Implementing XDR to Detect Threats and Stop Attackers

The “cat-and-mouse” game between Attackers and Defenders is as old as the LoveLetter virus. While script-kiddies have matured to become cybercriminals, hacktivists, and state-sponsored adversaries, sometimes it feels like the Defenders are stuck in 1999. We deploy anti-virus solutions, monitor the perimeter, and wait and see. Yes, today’s security technology is “Next Gen,” “2.0,” and “Meta,” but the concept is the same. Set the trap and wait to be attacked.

And while the focus has been on stopping the active Attacker in the act, innovations in Big Data now allow us to detect the Attacker targeting your organization and stop them before they strike. To be clear, we are not talking about intelligence feeds managed through a platform but rather a new approach to detection that harnesses the insights of intelligence to profile the Attacker, pattern the attack, and align the Attacker’s intent with the reality of your security posture.

In this presentation, Mark Alba, Chief Product Officer, Anomali, and Steve Benton, Vice President of Anomali Threat Research, Anomali, cover:

  • Profiling the Attacker
  • Mapping the evidence to the threat actors
  • Detecting evidence of attacks using indicator-based detection