EDR Evasion and Incident Response

EDR Evasion and Incident Response

Thursday, May 30

A Webinar with Brian Carrier and Mike Wilkinson

EDR is a critical part of a robust cyber security system, but attackers often find ways of avoiding or delaying detection. These evasion techniques mean the EDR doesn’t have all of the information you’ll need to conduct alert validation or a forensic investigation.

In this webinar, we’ll look at how EDR evasion works and its implications for investigating alerts. Namely, that an attacker could have been evading the EDR for several days before triggering an alert and the EDR does not have visibility about what happened.

Collecting additional digital forensics and incident response (DFIR) artifacts for your investigation is critical. We will talk about types of DFIR collection tools that you can use and how to integrate them with your EDR.

Register Now