One of the unmistakable lessons of the devastating Solar Winds hack is that traditional methods of threat detection are failing to protect companies from sophisticated adversaries and attacks. After all: no amount of layered security defenses can protect organizations from a trojan buried deep in a a signed software update from a legitimate, third party software vendor.
So what is a security-minded company or public sector organization to do? Better and earlier detection of security compromises would be a good start. After all, the success of the Solar Winds hackers wasn’t their ability to compromise the networks of government agencies and private sector firms - lots of adversaries can do that. It was their ability to dwell, undetected, in those compromised environments for months. Longer “dwell time” translates to greater access, more data theft and - of course - persistence.
The key to stopping the next Solar Storm isn’t in blocking the next attack (though that would be great) but (also) improving your organization’s ability to spot nascent attacks before attackers have the opportunity to access critical systems and burrow deep in your environment. And that means improving your organization’s threat hunting abilities.
On Thursday, February 4th at 2:00 PM ET, QOMPLX’s Senior OSINT Specialist Joe Gray will lead a discussion on Threat Hunting After SolarWinds Solar Storm. In it, Joe will explore how the Solar Storm incident puts a premium on organizations developing mature threat hunting functions. He will review the details of the Solar Storm attack and talk about how standard threat hunting functions can expose attacks like Solar Storm in their early stages. He’ll also talk about what companies need to do to stand up a threat hunting function within their own ranks.
Use the form below to register for this webinar! We look forward to seeing you there.