Our website uses cookies to enhance your browsing experience.


Cyber Intrusion Services Casebook 2016

Leveraging Next-Gen Endpoint Technology and Human Expertise To Identify and Eject Persistent Intruders

2016 has been a record year for incident response (IR) engagements for CrowdStrike Services consultants. Numerous companies, government agencies, nonprofits and political organizations turned to CrowdStrike as the go-to company for investigation and response to breaches discovered on their networks. Valuable adversary tradecraft intelligence and critical lessons learned from these engagements are detailed in the 2016 edition of the CrowdStrike Cyber Intrusion Casebook.

This CrowdCast will delve into this year’s casebook, focusing on in-depth digital forensics, IR and remediation work performed on behalf of actual CrowdStrike clients. Real-life examples drawn from notable CrowdStrike Services IR engagements in 2016 — including the now-infamous hack of the Democratic National Committee (DNC) — will be discussed, with an emphasis on best practices organizations can follow to identify and eject attackers before a devastating breach occurs.

Attendees will learn:

  • How CrowdStrike’s Falcon OverWatch and professional services teams discovered and attributed the DNC intrusion to nation-state threat actors FANCY BEAR and COZY BEAR
  • The specific tactics, techniques and procedures (TTPs) a range of nation-state and eCrime adversaries used to gain entry, and how they attempted to cover their tracks
  • How third-party trust relationships, particularly in the franchisee business model, introduce significant risk to enterprise and customer data
  • How CrowdStrike Services leverages unique Indicators of Attack (IOA) technology to uncover the latest adversary tradecraft
  • The gaps in security processes and planning that your organization can address now to stop the next breach