Identity Threat Detection Workshop: 3 Real-World Attacks Across AD and Cloud
May 20 and 21
11 AM IST
Shirley
Product expert
Overview
In many organizations, Active Directory (AD) holds the keys to the environment. Over the past decade, however, access has expanded into the cloud. Attackers target both, and the detections your SOC needs differ between the two.
In this two-part workshop, we walk through real identity attack scenarios and show how Log360 Cloud detects and surfaces threats in each environment. From detecting short-lived accounts and service account abuse to cloud-based brute-force attempts, both sessions are built around live demonstrations inside the product.
May 20
May 21
What we cover
Episode 1: Detecting threats inside Active Directory
- What effective AD monitoring looks like in a SOC.
- Monitoring and alerting for AD threats in Log360 Cloud.
- Use case demonstrations: short-lived accounts and privilege escalation through service account misuse.
- What to actively monitor in AD environments.
- Signals that shouldn't be ignored in AD environments.
Episode 2: Detecting identity attacks in cloud environments
- What effective identity monitoring looks like in cloud environments.
- Monitoring and alerting for identity threats in Log360 Cloud.
- Use case demonstration: Cloud-based brute-force login attempts.
- What to actively monitor in cloud environments.
- Signals that shouldn't be ignored.