An attacker's most efficient approach to a payday is to land on a host and then 'live off the land' using the residue of errant credentials and connections left behind in the course of daily operations: cached domain admin credentials, disconnected RDP sessions, local admin accounts using the same password, and more. Once an attacker grabs domain credentials, the odds are against you successfully detecting lateral (or vertical to cloud) movement when their activity appears 'normal' to most security tools and established baselines. Given the turbulent state of IT security driven by massive employee shifts to WFH status, existing tools are all the more challenged to discern real threats from false-positive anomalies. To flip the odds in your favor, we will share how distributed, endpoint-based deception technology is helping deliver incontrovertible detection of attacks in motion, be it from external threat actors or malicious insiders. Rather than resource-intensive 'probabilistic' alerts that end up as false alarms, deception technology has emerged as a 'deterministic' solution for early attack detection, allowing organizations to build new forms of automated threat response armed with precise, source-based forensics.
An accomplished IT executive with broad experience across multiple technology sectors, industries and geographies, who has led and managed significant global organizations focused on emerging technologies with aggressive revenue targets. With a core focus in sales leadership, Bob has managed global sales and consulting organizations responsible for significant annual revenue targets as well as early-stage companies seeking their first customer citations. The past eight years have focused primarily on the European market. Bob has a BSc in Information Systems from Virginia Commonwealth University.