Save Your SOC by Securing Active Directory
Your security operations center (SOC) has a problem. There are too many security tools generating too many alerts. At the same time, you have too few talented SOC operators to pick the signal out from the noise. Firewalls, SIEMs, PAM and DLP are good at what they were designed for, but the telltale signs of the most dangerous attacks on your environment escape their notice The embrace of web-based platforms and tools has extended your security boundary to the cloud - and also opened you up to new risks. What to do?
In this webinar, QOMPLX Chief Security Officer Andy Jaquith will talk about how your organization can get in front of emerging threats and reduce your attack surface by detecting and thwarting emerging attacks on critical identity infrastructure like Active Directory and Kerberos. Andy will talk about how automating identification of common Active Directory attacks like Golden- and Silver Ticket and DCSync can pay big dividends and prevent follow-on attacks against federated services like Amazon Web Services and more.
You'll learn:
•How to identify common attacks on Active Directory and Kerberos
•How your organization can reduce its attack surface through closer monitoring of attacks on Active Directory
•Lessons learned from real CISOs working in the trenches
Andy is a former Managing Director of JPMorgan Chase, where he was the Global Operational Risk Officer for Cyber and Information Risk, with responsibility for regulatory affairs and second-line cyber risk management. Previously, Jaquith served as Managing Director at Goldman Sachs for Technology Risk Measurement & Analytics. He was the Chief Technology Officer of SilverSky, a managed security services provider with 1,500 financial services customers. His book, “Security Metrics: Replacing Fear, Uncertainty, and Doubt” is a best-seller in the field.
