White Paper | Resource Center

Disrupting the Cyber Kill Chain: How to Contain Use of Tools and Protocols

Disrupting the Cyber Kill Chain White Paper Cover Image

Preventing lateral movement and unauthorized domain access due to the misuse of network credentials – especially due to reconnaissance tools looking for weak spots – is a challenge plaguing many enterprises. In fact, it’s a decade-old security problem. A major issue for enterprises has been how to detect and contain the use of reconnaissance tools like BloodHound, authentication protocols such as NTLM, DCE/RPC, Kerberos and Lightweight Directory Access Protocol (LDAP), as well as other IT tools like PsExec and Powershell that are being misused or exploited by attackers.

Download our Disrupting The Cyber Kill Chain white paper to learn how Falcon Identity Protection solution can:

  • Prevent lateral movement and unauthorized domain access due to the misuse of network credentials via reconnaissance tools
  • Block and easily contain PowerShell, PsExec and other attacking tools
  • Deeply inspect authentication protocols such as NTLM, DCE/RPC, Kerberos and LDAP to control protocol usage
  • Reduce risk of credential forwarding, password cracking and other credential-based attacks such as Pass-the-Hash and Golden Ticket
Falcon Cloud Security: Cloud Infrastructure Entitlement Management (CIEM) Solution Brief
CrowdStrike 2024 Global Threat Report: What You Need to Know
CrowdStrike 2024 Global Threat Report: Executive Summary

Discover More at our
Resource Center

Case Studies
Community Tools
CrowdCasts
Data Sheets
Demos
Guides
Infographics
Reports
Videos
White Papers

TECHNICAL CENTER

  • OS icon
  • deployment icon
  • installation icon

For technical information on installation, policy configuration and more, please visit the CrowdStrike Tech Center.

Visit the Tech Center