Threat Detection
Combined Session
Wednesday, June 05, 2024 11:00—12:00
Location: A 05-06
Wednesday, June 05, 2024 11:00—12:00
Location: A 05-06
The role of identity continues to be in high focus for defenders and attackers alike. While Identity and Access Management systems have improved greatly with the increased usage of MFA, PAMs, federated identity, AD & Azure AD, and detection and response systems such as EDR, SIEMs and XDR, successful, massive breaches leveraging identity still are occurring regularly. Why? How? In many organizations there are major vulnerability and detection gaps between primarily preventive IAM controls and increasingly common attacker tools and techniques that circumvent them. This is most evident post initial compromise where more sophisticated attackers show off their skills in the middle of the attack chain to move laterally and escalate their privileges on their way to the organization’s crown jewels. As with every attacker move there is a defender counter move. This has led to the emergence of identity threat detection and response (ITDR) solutions. Can ITDR solutions and associated security processes break the middle of the attack chain?
Our digital world is connected more than ever, not just with technology but also with our digital identities. Stories about hackers, data breaches, and security flaws are all too common today. In this interconnected digital space, Identity and Access Management (IAM) is a big deal. It helps manage who gets access to what, especially in a time when our digital identities are targets for cyber threats.
Keeping our online identities safe is super important because it's where our personal and work lives meet. Bad actors, like hackers and data breaches, try to take advantage of this. That's why we need a strong plan called Identity Threat Detection and Response (ITDR).
ITDR isn't just a tool; it's a mix of technology, ways of doing things. This presentation looks into how ITDR works and why it's super important in modern cybersecurity. ITDR has four main parts: making a basic identity plan, finding risks, spotting problems quickly, and having ways to respond. All these parts help keep our identities safe and protect important data.
In the digital age, cyber threats loom large, targeting both consumers and enterprises with increasingly sophisticated attack techniques. In this session, we will delve into some of the top attack techniques used by hackers to gain access to sensitive information and cause harm to you. We will demonstrate real-world exploits, showcasing the critical security flaws that every organization and user must be aware of, and help you choose the right set of solutions to fortify your defenses.
A significant trend in cybersecurity breaches is the shift from targeting endpoints to hijacking user identities. This evolution marks a significant change in attack vectors, emphasizing the need for robust Identity Threat Detection and Response (ITDR). The presentation will delve into the dynamics of this trend, elucidating the mechanisms through which attackers infiltrate systems by exploiting identity vulnerabilities instead of traditional hardware or software loopholes.
In response to the increasing focus on identity-based threats, there has been a paradigm shift in organizational structures and workflows. Identity & Access Management (IAM) teams are no longer siloed entities; they are increasingly integrated with Security Operations Centers (SOC). This presentation will explore the multifaceted implications of this integration. Attendees will gain insight into how the fusion of IAM and SOC functions is reshaping security strategies, fostering a more resilient, proactive defense against identity-based attacks.
Topics covered will include the evolution of ITDR tools and techniques, the role of artificial intelligence in predicting and mitigating identity threats, and the critical importance of fostering a culture of security awareness throughout the organization.
