To keep up with advanced cyber threats from APTs using living off the land (LOTL), pivoting and lateral movement techniques within your network, effective threat detection and event logging are key to staying secure. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), in collaboration with global cybersecurity authorities including CISA, FBI, and NCSC, has established comprehensive guidelines to bolster organizational resilience.
Red Piranha is a pioneer and leader in threat detection, with Crystal Eye designed to meet the new guidance on detecting living-off-the-land attacks and EDR bypass, offering advanced capabilities to enhance your security posture.
In this session, you will learn how Crystal Eye’s Advanced Intrusion Detection and Prevention System (IDPS) is essential for combatting pivoting and lateral movement within networks.
You will discover how to effectively detect and isolate lateral movement activities within your network and implement a robust network segmentation strategy using Crystal Eye’s Advanced Intrusion Detection and Prevention System:
- Comprehensive Detection and Prevention Framework
- Operational Modes of IDPS
- Customisable Rulesets and Profiles
- Multi-Tenancy and Advanced Configuration
- Local Rule Creation
- Ongoing Updates and Adaptation
Key Features
- Network Segmentation: Implement robust segmentation to create secure zones with tailored IDPS profiles, isolating sensitive data and critical infrastructure from general user networks. This confines attacks to specific segments, ensuring rapid containment if lateral movement is detected.
- Detection and Prevention Framework: Crystal Eye’s IDPS identifies and counters lateral movement using network traffic analysis, anomaly detection, and response mechanisms.
Operational Modes
- Detection & Protection Mode: Alerts and logs suspicious traffic without blocking, allowing for thorough threat analysis. Administrators can configure profiles and rulesets for segmented interfaces.
- Inline Mode: Actively blocks malicious traffic based on predefined rules, preventing the spread of threats.
- Network Security Monitoring Mode (NSM): Provides detailed visibility into network activities, capturing and logging events to identify movement patterns.
- Customizable Rulesets and Profiles: Administrators can create tailored profiles and rulesets for different network segments, detecting sophisticated threats and addressing unique security needs.
- Multi-Tenancy and Advanced Configuration: Efficiently manage multiple security zones and profiles with customizable local rules for detecting advanced tactics.
- Ongoing Updates: Keeps up with new lateral movement techniques through regular updates from Red Piranha’s Global Security Operations Team.
This is a fantastic opportunity to stay ahead of ASD's new standards and strengthen your organisation’s cybersecurity posture. So, join us in this knowledge sprint webinar to learn how your business can align with the ASD’s latest guidelines.
Event Details
Where: Online via Demio
When: Thursday, 26th of September 2024
Time: 11:30 AM - 12:00 PM AWST
01:30 PM - 02:00 PM AEST
01:00 PM - 01:30 PM ACST
03:30 AM - 04:00 AM UTC
International Scheduling:
EU Session - Thursday, 26th September 2024
Time: 12:00 PM - 12:30 PM CEST
06:00 PM - 06:30 PM AWST
08:00 PM - 08:30 PM AEST
07:30 PM - 08:00 PM ACST
10:00 AM - 10:30 AM UTC
US Session - Thursday, 26th September 2024
Time: 09:00 AM - 09:30 AM EDT
09:00 PM - 09:30 PM AWST
11:00 PM - 11:30 PM AEST
10:30 PM - 11:00 PM ACST
01:00 PM - 01:30 PM UTC
Format:
15-minute presentation
15-minute Q&A session
Key Presenters
George Boulis - General Manager, Sales at Red Piranha
Roland Casabar - Cyber Security Engineer & Incident Response at Red Piranha
Dylan Paquelet - Cyber Security Engineer at Red Piranha