Data-driven Threat Hunting with Tanium + Google Chronicle
August 20, 2020 at 9 AM PDT | 12 PM EDT | 5 PM BST
Proactively Hunt Threats on Live Endpoints and Across an Entire Year of Activity
Advanced persistent threats (APT) penetrate networks and stay hidden through any number of targeted and difficult to detect means including spear phishing, credential theft or web app vulnerabilities.
Once inside, they use native operating system functions, credential dumping and human error to opportunistically seek higher value targets and data. These types of attacks can be extremely damaging, difficult to remediate and much longer lived – often 200+ days of dwell time. EDR telemetry becomes too limited in scope and volume to help, usually maxing out at 30 days.
Join us on August 20th to hear and see how Tanium and Google Cloud are combining Unified Endpoint Security with the massively scalable, cloud-native security analytics of Google Chronicle.
For the first time, organizations can cost-effectively store one year of rich endpoint telemetry with deep integration between Tanium and Chronicle. Incident response teams and analysts will have drastically improved ability to hunt, investigate and fully scope advanced threats with sub-second search latency across endpoint and other data sources such as DNS, proxy and firewall logs.
What you’ll learn:
- Current trends in advanced security threats and how evolving tactics are evading defenses
- How Tanium and Google Cloud have created a rich integration to accelerate and improve endpoint detection and response to address advanced threats
- How to use Chronicle in an investigation to fully scope a long-lived attack
Speakers
Register Now for the Webinar
Complete the form to attend the live webinar.