The recent surge of ransomware attacks has highlighted a shift in tactics employed by threat actors looking to extort organizations. Their methodology has changed from a quick, opportunistic attack to a prolonged, targeted approach. This shift in methodology presents threat groups with the opportunity to encrypt more critical data, but also presents security teams with the opportunity to detect activity before data is encrypted. In this talk we'll explore how this allows security analysts to use network detection and response capabilities to discover malicious activity between initial compromise and encryption.

This segment is sponsored by Gigamon. Visit https://securityweekly.com/gigamon to learn more about them!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw207