INTERFACE Seattle
December 1st, 2022

  Presented by Red Canary

Ransomware has been a dominant cybersecurity threat for the better part of the last decade. However, it doesn’t walk alone. It’s almost always the eventual payload delivered by earlier-stage malicious software or activity. Luckily, if you can detect the threats that deliver the ransomware, you can stop the ransomware before it arrives.

In this talk, we’ll extensively reference Red Canary’s 2022 Threat Detection Report, examining the malware and other malicious tools that adversaries often use to deliver ransomware. While the specific trojans and strains of ransomware may change from one attack to the next, adversary tactics, techniques, and procedures are often similar across campaigns and threats. By developing robust detection coverage for the techniques adversaries abuse most often, rather than focusing on individual threats, security teams can achieve defense-in-depth against the many threats that leverage those techniques and the broader trends that dominate the infosec landscape.

Want to learn more about the prevalent adversary techniques and threats that can lead to a ransomware infection? Attendees will leave with:

  • A better understanding of the threats and tools that commonly precede a ransomware infection
  • Guidance on relevant collection and data sources that offer visibility into the threats and techniques that adversaries use to deliver ransomware
  • Actionable information on how security teams can develop the capacity to detect, prevent, and mitigate ransomware and other threats
  • Strategies for testing their ability to observe and detect common threats with free and easy-to-use tools like Atomic Red Team