Today, people connect to corporate networks, cloud databases, and a variety applications from everywhere with all kinds of devices. Enterprises can no longer make the assumption that authenticated or trusted devices/users are secure. Therefore, the zero trust security model is an important strategy for strengthening the security of critical data and systems, especially in a hybrid, dynamic workplace. It is a more advanced, agile, and effective approach to security, compared to the traditional security model.
Comprehensive visibility and understanding of risks are the foundation of effective security prioritization and automated zero trust access controls. Unfortunately, a lot of solutions labeled as "zero trust" do not really understand how to evaluate trust.
Activities of this session include:
1.) Attack and defense drills. Get first-hand experience of hackers' stealthy intrusion techniques.
2.) Hands-on labs. From the defender's perspective, learn how to identify the root cause of an incident and determine the scope of its impact.
3.) Incident investigations. Collect evidence and think how to response with remediation measures, how to implement such measures with existing defenses, and how to stand in the executives' shoes to provide critical information for CISO and SOC teams to make informed decisions.
Through hacker intrusion case studies and hands-on labs, participants will learn how to think and act like hackers, how to investigate and respond to incidents on the XDR platform, and how to evaluate the security risks of users and devices, plus the overall posture of the enterprise, using the indicators on the dashboards.
1. Use recent real-world cyber attacks as examples to illustrate why enterprises need XDR?
2. Demonstrate what XDR capabilities are required to get a complete view of an incident through hands-on operations.
3. Walk through the process of incident investigations to gain insights into the entire attack lifecycle. Help participants think about their own zero trust strategy and implementation guidelines.
N/A
Recommended for IT or security administrators and professionals