Remaining Invisible in the Age of EDR

May 25, 2021

EDR products are becoming a necessary solution in the security stack. In this session you will learn the shortcomings of EDR, so you can make informed strategic decisions.

Threat actors often operate with a black-box mentality: rather than avoiding detection by a specific set of controls, they use techniques and procedures that go undetected across a wide spectrum of anti-malware controls, with high success. This shift in thinking has yielded new, very sophisticated techniques to evade detection on disk and in memory. These techniques extend beyond the traditional initial compromise vectors and are often used throughout post-exploitation to prevent any type of detection. With these advanced attacks, the landscape has had to shift from looking for signature- and heuristic-based threats to detecting behavioural ones. With next-generation EDR products deployed to detect all these types of bleeding-edge techniques, how are attackers still so successful?

We'll start by examining the issues that ALL EDRs face in their current deployment and how hackers can take advantage of them to completely bypass the product and blind it to their malicious activities. We will look from the perspective of EDRs as a whole; most of these flaws are present in all of them. Once we understand the systemic issues and how attackers can abuse them, we'll focus on several techniques developed and deployed in the wild that are highly successful. We'll conclude with some new techniques that will be introduced into ScareCrow 2.0, which is being released after the talk.