Disrupting Lateral Movement

Attackers don't have to hit your most critical assets directly -they'll find a soft spot in your perimeter defenses and move laterally through your environment until they reach their target.

In this webinar you'll learn about the tools and techniques you can use to detect attackers' lateral movement within your computing environment and how to stop them before they launch their final payload.

On Demand
1h 00min

During this session we will cover:

  • Attackers’ most common and most innovative methods of lateral movement – how they slither from one endpoint to a confidential database or industrial control system 
  • How you can improve visibility into your entire organization’s IT environment and locate attackers’ most likely paths
  • Ways and means to detect attackers’ lateral movement more quickly and disrupt the kill chain sooner

Featured Speakers

  • Gal Shpantzer
    Gal Shpantzer
    Independent Security Professional

    Gal Shpantzer has over 15 years of experience as an independent security professional and is a trusted advisor to CISOs of large corporations, technology and pharma startups, Ivy League universities and non-profits/NGOs. Since 2014, Gal has focused on emerging threats to availability as well as confidentiality (ransomware and destructive attacks). Gal has been involved in multiple SANS Institute projects since 2002, including co-editing the SANS Newsbites, revising the E-Warfare course and presenting on cyberstalking, CAPTCHAs, endpoint security and hardware roots of trust. In 2009, he founded and led the privacy subgroup of the NIST Smart Grid cybersecurity task group, resulting in the privacy chapter of NIST IR 7628. He is a co-author of the Managing Mobile Device Security chapter in the 6th ed. Vol 4 of the Information Security Management Handbook (2010) with the late Dr. Eugene Schultz, and is a technical editor of an upcoming O'Reilly book on defensive security (2017). Gal collaborated with Dr. Christophe Veltsos to present the ongoing Security Outliers project, focusing on the role of culture in risk management at RSA, CSI, BSides and Baythreat conferences. Most recently, he was involved as a subject matter expert in the development of the U.S. Department of Energy’s Electric Sector Cybersecurity Capability Maturity Model (ESC2M2) in 2012, and is launching the Incident Response Execution Standard project late 2016. Gal was also involved in the Infosec Burnout research project and co-presented on this topic at BSides-Las Vegas and RSA.

  • Lee Lawson
    Lee Lawson
    Director, Secureworks Counter Threat Unit – Special Operations team

    Lee Lawson is a Director of the Secureworks Counter Threat Unit – Special Operations team based in Europe. The CTU operate in the field of cyber intelligence, researching new cyber-threats and gathering intelligence on the perpetrators. The Special Operations team is dedicated to responding to targeted attacks on networks of national significance and the rapid development of countermeasures to detect those advanced threats.

    • 15+ years of experience in information security focusing primarily on APT Threat Intelligence, Incident Response, Digital Forensics, and Penetration Testing
    • Has worked on and led multiple Targeted Threat Hunting projects to hunt for and eradicate high-level Threat Actors from client environments
    • Highly experienced security expert that has worked for many organisations in public and private sectors including Financial Services, Government, and Healthcare etc.
    • Regular speaker at large information security events

  • Sara Peters
    Sara Peters
    Senior Editor
    Dark Reading

    Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad of other topics. She authored the 2009 CSI Computer Crime and Security Survey and founded the CSI Working Group on Web Security Research Law -- a collaborative project that investigated the dichotomy between laws regulating software vulnerability disclosure and those regulating Web vulnerability disclosure.

Sponsored By