Threat Hunting with VMware Carbon Black Enterprise EDR

preview_player
Показать описание

00:09 Overview
00:49 User guide
01:20 Attack stages
02:20 TestDrive exprience
02:47 Phishing email import
03:28 Sneak Peek at attacker infrastructure (Command and Control)
03:53 Darkside Ransomware attack
04:25 Carbon Black Alert
05:49 Carbon Black Investigate
06:53 VirusTotal integration
07:21 Carbon Black Reveal feature
  1. Carbon Black
  2. carbon black
  3. cyber security
  4. endpoint security
  5. cb defense
  6. cb response
Рекомендации по теме
Threat Hunting with 0:08:12

Threat Hunting with VMware Carbon Black Enterprise EDR

Threat Hunting Based 0:02:23

Threat Hunting Based on Threat Intelligence with VMware Carbon Black Cloud Enterprise EDR

Creating a Scalable 0:43:13

Creating a Scalable and Repeatable Threat Hunting Program with Carbon Black and Siemplify

Carbon Black Managed 0:05:41

Carbon Black Managed Threat Hunting Demo

Sterling - Threat 0:54:21

Sterling - Threat Hunting and Incident Response in the New Threat Landscape - Carbon Black

Threat Hunting for 0:59:23

Threat Hunting for Dridex Attacks Using Carbon Black Response

Carbon Black NGAV, 0:52:45

Carbon Black NGAV, Incident Response and Remediation –A Live Attack & Response Demo VMware Dan ...

Automated Detection and 0:02:17

Automated Detection and Response with VMware Carbon Black Cloud

Using VMware Carbon 0:53:02

Using VMware Carbon Black Cloud to Simplify Security Operations

CyberTalk Episode 6 0:23:19

CyberTalk Episode 6 - VMWare Carbon Black

VMware Carbon Black 0:02:23

VMware Carbon Black Cloud Integration with Recorded Future

Let's Challenge Threat 0:09:03

Let's Challenge Threat Hunt - The game is on!

Threat Hunting at 0:52:14

Threat Hunting at Scale Using Cb Response + Surveyor

Arrow + VMware 0:01:16

Arrow + VMware Carbon Black Cloud

VMware Carbon Black 0:12:16

VMware Carbon Black EDR ( On-Prem)

Securing Your Endpoints 0:59:41

Securing Your Endpoints with Carbon Black A SANS Review of the CB Predictive Security Cloud Platform

VMware Carbon Black 0:31:26

VMware Carbon Black Cloud™ Endpoint Demo

Empowering Your Modern 0:11:18

Empowering Your Modern SOC with Carbon Black Cloud - Technical Overview

The Future Begins 0:06:48

The Future Begins Now with VMware Carbon Black

VMware AppDefense and 0:11:32

VMware AppDefense and Carbon Black Defense Demo

Datashield Threat Response 0:08:33

Datashield Threat Response Demo - Google Chronicle to VMware Carbon Black Integration

Course Demo: VMware 0:48:31

Course Demo: VMware Carbon Bl

[Demo] VMWare Carbon 0:10:45

[Demo] VMWare Carbon Black and Zscaler in Action

APT 29 Threat 0:47:23

APT 29 Threat Hunt

Комментарии
Автор

This isn't so much a Threat Hunt but rather it is Incident Response. A Threat Hunt would be proactively querying for anomalies and IoCs that are not tied to an alert/incident rather than reacting to an alert. For instance, Threat Hunting might look like querying your whole EDR tenant forthings like accounts with 500 in the SID that have attempting remote connections, events with hidden powershell windows, downloaded files from powershell, msi installers from the web, plain text passwords in the registery, startup folder additions etc.

AndrewH-dj
Автор

Great video, thanks. how do i get a test drive code to perform the tests myself?

damyj