Video On Demand
Hunting for the Insider Threat
Paul Reid
Luis Jimenez
Runtime: 20:52
Today, insider threats, whether malicious or negligent, are difficult to combat and even harder to detect. In fact, the average time it takes to contain an insider incident is 77 days, with average costs for 30 days at 7.12M. How can you optimize your security team and tools to swiftly uncover and respond to these hard-to-find insider threats?

With the combination of CrowdStrike’s rich endpoint data and ArcSight Interset’s powerful behavioral analytics (UEBA), your SOC can now identify and remediate elusive threats more efficiently than ever before. ArcSight Interset distills billions of CrowdStrike Falcon events into a list of prioritized threat leads by learning the normal, unique behavior of every user and entity in your enterprise, then detecting the most unusual or suspicious behaviors, which may indicate an insider threat.

Interset Technology Strategist and Threat Hunt Lead Paul Reid walks through how he hunts for threats that are likely to go undetected in your enterprise with ArcSight Interset using CrowdStrike Falcon data. You’ll get an inside look into this one-click cloud-to-cloud integration with real-world examples of behavioral analytics and EDR working together. He will also dive into enabling your security teams with the context they need to detect signs of credential access, discovery, lateral movement or data exfiltration quickly and effectively.

Optiv’s Director of Threat Management Luis Jimenez will address some of the challenges their clients see with incident response, and why they recommend solutions like ArcSight Interset to help with quicker identification and remediation.
