An effective threat detection strategy requires having the right detections and an understanding of adversarial behaviors.
The Pyramid of Pain lays out detection schemes and shows how alerts degrade when detections focus solely on single indicators. For effective threat detection, alerting should be built with a focus on rule efficacy and confidence. Drawing on the Conti and Quantum ransomware campaign, we’ll flip the Pyramid of Pain by demonstrating the need for correlation-based threat detection to improve rule efficacy, eliminate chasing dynamic indicators, and reduce alert fatigue.
In this webinar, we will show you how to establish a detection strategy centered on the threat actors’ tactics, techniques, and procedures (TTPs) to detect threats effectively. We’ll also show you how to incorporate sequence-based detections based on reported research from breaches and malware campaigns.