The “Assumption of Compromise”: Government Agency Best Practices

Presented by

Ian Farquhar, Security CTO and Stephen Goudreault, Cloud Security Evangelist

About this talk

It’s not a matter of “if” but “when” organizations are breached. That’s the premise that Federal agencies operate under, and it’s one that would be prudent to follow. With an Assumption of Compromise, it’s assumed that threat actors are currently living off the land (LOTL), using applications and protocols already available in workloads. LOTL and similar attacks can go unnoticed because of a critical gap in traditional logging that is often overlooked. Learn why relying on logs from a firewall or router as the single source of truth is not enough. In this session, we will take a broad look at logging from the perspective of government threat hunting, and at how it can be greatly enhanced with network-derived intelligence to make it far more resilient and harder for bad actors to defeat.

Gigamon® offers a deep observability pipeline that efficiently delivers network-derived intelligence to cloud, security, and observability tools. This helps eliminate security blind spots and reduce tool costs, enabling you to better secure and manage your hybrid cloud infrastructure. Gigamon has served more than 4,000 customers worldwide, including over 80 percent of Fortune 100 enterprises, 9 of the 10 largest mobile network providers, and hundreds of governments and educational organizations.