Rapid7's Managed Detection and Response (MDR) and Incident Response (IR) teams responded to multiple instances of organizational compromise in which a threat actor employed several unique tools, techniques, and procedures (TTPs), including the legitimate remote access tool, ScreenConnect, to maintain persistent access to the compromised environments.
In this session, learn how Rapid7's MDR service used the visibility and insights to track down and eradicate the threat actor from other organizational environments through the use of open-source intelligence, threat hunting, detection engineering, and ongoing customer partnerships.