Maze Ransomware Deep Dive: Using Threat Research Reports and MITRE ATT&CK to Turn Analysis into Action with Maze as an Example

Webinar Registration

Threat research can be an invaluable asset to security teams when attempting to formulate a proactive stance or reactive response. Whether the subject is a previously undocumented attack type or a new variant of a well-known threat, research can provide needed context and insight that help practitioners identify and resolve gaps in their security program in order to avoid being exploited.

But techniques, methods, and actions found in threat research don’t always easily translate into practical steps you can take to prevent, detect, mitigate, or respond should a particular attack occur. While research can offer up specifics that can educate you on what occurs during an attack, what you really need is for those details to be transformed into strategies and actions based on the cybersecurity frameworks you rely on including MITRE ATT&CK and NIST to make the research truly valuable.

So, how can you take third-party threat research and turn it into actionable takeaways for your specific team?

To teach how you can make the most of threat research, during this webinar, Dan Kaiser and Sally Vincent from the LogRhythm Labs team are going to walk you through their process for reviewing third party reports using the real-world example of Maze ransomware, demonstrating how threat research can be truly useful in protecting your organization from the latest developments in cyberattacks.

Specifically, Dan and Sally will showcase how they used third-party intelligence to bolster the SOC’s ability to defend against attacks using Maze ransomware as the example. They’ll review how to:

  • Turn threat details into new monitoring and threat hunting techniques
  • Configure your security solution to incorporate those actionable takeaways
  • Use samples of Maze that have been reverse engineered to test your newly configured solution

Dan and Sally will also demonstrate how to map third-party threat reports to MITRE ATT&CK techniques that can be used to develop mitigation, detection and response actions including:

  • Initial Access
  • Execution
  • Persistence
  • Privilege Escalation
  • Discovery
  • Lateral Movement
  • Impact

Please join us for this real training for free event.

First Name:   
Last Name:   
Work Email:  
Phone:  
Organization:  
Country:    
State:  
Zip/Postal Code:  
Job Title:
 

Your information will be shared with the sponsor.

By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us and the sponsor.

 

 

Additional Resources