Identity Threat Detection Workshop: 3 Real-World Attacks Across AD and Cloud
May 20 and 21
12 PM IST
Shirley
Product expert
Overview
In many organizations, Active Directory (AD) holds the keys to the environment. Over the past decade, though, access has expanded into the cloud. Attackers target both, and the detections your SOC needs look different in each.
In this two-part workshop, we walk through real identity attack scenarios and show how Log360 detects and surfaces threats in each environment. From impossible travel and service account abuse to cloud-based brute-force attempts, both sessions are built around live demonstrations inside the product.
What we cover
Episode 1: Detecting threats inside Active Directory
- What effective AD monitoring looks like in a SOC.
- Monitoring and alerting for AD threats in Log360.
- Use case demonstrations: Impossible travel, privilege escalation through service account misuse.
- What to actively monitor in AD environments.
- Signals that shouldn't be ignored in AD environments.
Episode 2: Detecting identity attacks in cloud environments
- What effective identity monitoring looks like in cloud environments.
- Monitoring and alerting for identity threats in Log360.
- Use case demonstration: Cloud-based brute-force login attempts.
- What to actively monitor in cloud environments.
- Signals that shouldn't be ignored.