Remaining Invisible in the Age of EDR
EDR products are becoming a necessary part of the security stack. In this session you will learn the shortcomings of EDR so you can make informed strategic decisions. Threat actors often operate with a black-box mentality: rather than avoiding detection by one specific set of controls, they use techniques and procedures that go undetected across a wide spectrum of anti-malware controls, with high success. This shift in thinking has yielded new, very sophisticated techniques to evade detection on disk and in memory. These techniques extend beyond the traditional initial compromise vectors and are often used throughout post-exploitation to prevent any type of detection. With these advanced attacks, the landscape has had to shift from looking for signature- and heuristic-based threats to detecting behavioural ones. With these next-generation EDR products deployed to detect all of these bleeding-edge techniques, how are attackers still so successful?
We’ll start by examining the issues that ALL EDRs face in their current deployment and how hackers can take advantage of them to completely bypass the product and blind it to their malicious activities. We will look at EDRs as a whole; most of these flaws are present in all of them. Once we understand the systemic issues and how attackers can abuse them, we’ll focus on several techniques developed and deployed in the wild that are highly successful. We’ll conclude with some new techniques that will be introduced in ScareCrow 2.0, which is being released after the talk.
June 11, 2020
Optiv’s Source Zero is a new technical cybersecurity thought leadership resource.
This post helps prioritize efforts based on alert information you're already receiving from Microsoft Defender ATP.
August 13, 2020
Netwrix Account Lockout Examiner (versions prior to 5.1) allows an unauthenticated remote adversary to capture the NTLMv1/v2 challenge response....