Join us as we expand our Real Training for Free webcasts to cover the current state of preparing for, spotting, and addressing ransomware with this multi-session, 4-hour Ransomware Summit. Made up of four 1-hour sessions, this summit will be broken into the three critical aspects of your organization’s ransomware strategy as well as a fourth bonus session:
- Ransomware Prevention
- Ransomware Detection
- Ransomware Response
- Using Windows 11 Technologies to Fight Ransomware
This summit will be full of plenty of real-world ransomware examples, anecdotes, scenarios, and detail applicable to your role in cybersecurity – as well as plenty of opportunity to ask questions of our ransomware experts. The Summit agenda is as follows:
SUMMIT DATE: Wednesday, May 10th
SESSION 1: Preventing Ransomware: Building a Mitigation Strategy Using Attack Techniques Against the Attacker
TIMESLOT: 12-1pm ET
Having a well thought out strategy for the prevention of ransomware should be top of mind for any security professional – as the old saying goes “an ounce of prevention is worth a pound of cure”. And one of the best ways to prevent ransomware is to simply look at the most current attack techniques, looking for critical junctures where attacks can be halted in their tracks.
In this first 1-hour session, hear from Jason Silva, Senior Solutions Architect from BeyondTrust, as he looks at the evolution of ransomware, diving into some common ways infiltration occurs using Trickbot and Ryuk as the example, and some effective strategies for prevention that align with the MITRE ATT&CK Framework, including:
- Privilege Account Management
- User Account Control
- User Account Management
- Execution Prevention
SESSION 2: Detecting Ransomware: Building ransomware detections based on attacker playbooks using Conti as the example
TIMESLOT: 1-2pm ET
The Conti Playbook leaks – which began in alignment with the Russia-Ukraine conflict –give rare insight in to the world of RaaS affiliates and exactly how they operate. By understanding how attackers operate in the days and hours before ransomware is deployed network defenders may be able to prevent the full devastation of encryption by detecting attackers early in the kill chain.
In this second session of our first ever three-session Ransomware Summit we’ll hear from Kev Breen, Director Cyber Threat Research at Immersive Labs, as he takes a peek behind the attacker playbooks used by one of the most infamous Ransomware operators Conti. Using these playbooks as a guide, Kev will create threat hunting rules to detect behaviors and track an attack through the network analyzing logs and TTPs, including:
- Initial compromise
- Lateral movement
- Exfiltration of data
- Encryptor deployment
SESSION 3: Ransomware Incident Response: How to prepare. How to respond. How to remediate.
TIMESLOT: 2-3pm ET
No security solution is ever 100% effective at stopping ransomware attacks. The logical conclusion, then, is that some small percentage of attacks will be successful, despite your best cybersecurity stance efforts. So, you need to know what you’re going to do post-attack to remediate literally everything attackers touched, accessed, modified, and encrypted.
In this third and final session of our first ever three-session Ransomware Summit, join Advisory CISO, Chief Security Scientist, and Ethical Hacker Joseph Carson from Delinea as he takes you through a step-by-step example of how to effectively respond when an attack is detected – anywhere from initial credential compromise to escalated privileges, exfiltrated data and ultimately the ransomware deployment and ransom demand – including gathering evidence to craft a contextual response that remediates the attack and provides guidance to better secure the environment against future attacks in areas including:
- Privileged accounts (including but not limited to the targeting of Domain Admin Accounts, Emergency Accounts, and Privilege Data User Accounts)
- Manipulated data (including modified, deleted, and encrypted)
- Compromised systems and accounts
- Directory services
SESSION 4: Using Windows 11 Technologies to Fight Ransomware.
TIMESLOT: 3-4pm ET
This session will be presented by Randy Franklin Smith, founder of Ultimate Windows Security!
This real training for free summit will be jam packed with technical detail and real-world application. Join one session, or them all – but be sure to register today!