No video :(

Using the MITRE ATT&CK Framework with Exabeam for Threat Hunting and Investigations

Exabeam

Подписаться 11 тыс.

Просмотров 16 тыс.

50% 1

Видео Поделиться Скачать Добавить в

Опубликовано:

28 авг 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 9

@carlosceoofredlinequickshift 4 года назад

Good content.

@tonymitchell1283 4 года назад

Really useful - Exabeam is a fantastic product, just wish it was a little more affordable!

@abhinav02111987 3 года назад

Very nicely explained. Thank you.

@LeStupiak193 4 года назад

Hi , can somebody tell me what is the abbreviation of AV signature mentioned in his keynote presentation ? A virus signature ?

@ExabeamSIEM 4 года назад

Hi there. The AV signature refers to the virus signature, its unique data, or bits of code... almost like a fingerprint.

@LeStupiak193 4 года назад

Exabeam thanks for brighten things up ! Im a user of exabeam ! Your videos are really helpful and informative ! Thanks a lot !

@gsrpavan1987 4 года назад

Hi Is there a way to auto populate CVE s and use the same for threat hunting??

@ExabeamSIEM 4 года назад

Hi Pavan. CVEs are part of the Pre-Att&CK framework. In the Att&CK framework, Exabeam ties detections to TTPs. The approach is CVE agnostic since most exploitation of vulnerabilities involve a new process execution, lateral movement, covering tracks, etc. Our goal is to provide visibility into detecting threats using a dynamic approach such as TTPs instead of a static indicator like IoCs.