The Endpoint Detection Net solution elevates security control by accurately raising alerts and taking proactive measures to derail attackers. These capabilities include early attack detection based on:
- Unauthorised active directory queries from an endpoint.
- Theft of local credentials.
- Attempts to compromise file servers by moving to mapped shares.
- Network reconnaissance to find production assets and available services.
- Man-in-the-middle attacks where attackers try to steal credentials in transit.
- Identifying the available attack paths that an attacker would take to move about the network.
Read the full article here.