Taking a Behavioral Approach to Security- How to Stay One Step Ahead of Your Adversaries

*To attend this webcast, login to your SANS Account or create your Account on the SANS website.

Join LogPoint's Jake McCabe as he discusses how thinking about security from the perspective of adversary behavior can help organizations better prepare for, detect, and respond to threats.

Too often, security organizations focus on signatures and IOCs to alert them to threats in their environment, however this myopic focus can often leave them blind to the bigger picture- unable to see the forest for the trees. By focusing instead on adversary behavior, security teams can make it more difficult for their adversaries to evade detection and they can even begin to predict where their adversaries might strike next.

The MITRE ATT&CK framework is one tool organizations can use to help take a behavioral security posture. The framework can help security teams assess risk, drive informed decisions, and help them to better understand how their adversaries typically behave.

User and entity behavioral analytics (UEBA) provides another avenue by which security teams can take a behavioral approach to security. UEBA complements and improves the fidelity of traditional signature-based detection methods to enable security teams to distinguish adversary behavior from normal behavior. UEBA does so by looking for anomalies or changes in behavior and then analyzing sets of anomalies which together could be indicative of particular adversary techniques.

Jake will discuss how these two approaches to behavioral security can be taken together and how LogPoint can help organizations improve their security posture by helping them take a more behavioral-focused approach to security.