SANS review: Investigate attacks on critical assets with Network Detection and Response (NDR)

ExtraHop
Published by: Research Desk
Released: Nov 02, 2020

In the past decade, the information security industry has learned a lot about what attackers do during campaigns against targets. While we don’t always understand the motivation behind the attacks, most attacker goals focus on data access and exfiltration of sensitive data. ExtraHop’s Reveal(x) security analytics product helps solve the challenge of security monitoring and response by providing security analysts with a platform that can rapidly analyze huge quantities of data without having to store full network packets.

Sophisticated attackers often use advanced malware-based espionage that can aggressively pursue and compromise specific targets. These attacks include social engineering tactics, such as spear phishing attempts. Once a compromise occurs, attackers attempt to maintain a persistent presence within the victim’s network, escalating privileges and moving laterally within that network to extract sensitive information to locations under the attacker’s control.