Wednesday 23 October 2024, 11am-12noon (BST)
With the shift away from endpoint and network attacks toward identity-based techniques, attacks are happening entirely in the browser, over the internet, with no local malware deployment – leading to a significant detection gap.
We covered various attacker techniques and tools that can be detected in the browser, with video demos of:
- Detecting web-based obfuscation techniques like HTML smuggling and tracking dynamic malicious links
- Building security alerts and scripts to detect malicious activity or proactively flag identity vulnerabilities
- Taking auto-screenshots when certain events are triggered to enrich SIEM tickets
- Preventing users from creating and accessing accounts with weak, reused, or previously breached passwords to reduce the risk of identity compromise
In this webinar, we explored how browser extensions can provide defenders with a unique opportunity to gain visibility into attacks targeting the cloud identities that your employees use to access work apps via the browser, and why hunting for attacks in the browser can be more advantageous when working with modern web technologies than network-based tools like the web proxies of yesterday.
This session recording is ideal for technical security practitioners responsible for security monitoring and detection engineering. SecOps / DART managers and analysts will get the most benefit, but the talk will also be beneficial for technical security leaders and offensive security professionals.
Guest chaired by
Dr Olivia Bosch, Independent Information Governance, Security and Assurance Professional
Presented by
Luke Jennings (info), VP R&D, Push Security