The Challenge of Detecting Lateral Movement



Tim Keeler of Remediant Discusses SolarWinds Attack, Remote Worker Threats


Tim Keeler, co-founder and CEO, Remediant

The SolarWinds supply chain attack is another example of the damage that lateral movement by system intruders can cause. Tim Keeler of Remediant says detecting lateral movement is challenging because of the size of today’s systems and the difficulty of filtering bad behavior from benign behavior in remote work environments.


“How do I know whether this is just an admin doing their regular activity, versus someone using those credentials in a malicious manner to get access to other systems? Because if you’re dealing with an environment that’s one or 200,000 systems, it’s really hard to scale this out,” Keeler says. “And how do you actually discern and understand what is malicious and what is just your day-to-day behavior?”


In a video interview with Information Security Media Group, Keeler discusses:

Keeler is co-founder and CEO of Remediant. Previously, he was a leader on the security incident response team at Genentech/Roche and served as a security consultant, with clients that included UCSF, Genentech/Roche, Gilead Sciences and CardioDX. He is a GX-certified Security Incident Handler and earned his GX Security Leadership Certification from GIAC. He holds U.S. Department of Defense Level 3 8750 IAT and 8750 IAM Management certifications; CHFI (Computer Hacking Forensic Investigator) from EC Council and a certification as a CCFE (Certified Computer Forensics Examiner) from IACRB.




