Anyone who performs detection and response in the cloud knows that figuring out how to get the right signal for analysts to efficiently do their job is … challenging. Microsoft provides lots of great security capabilities, but there’s no “easy” button for figuring out what signals you should turn on and how to use that data. Join Expel’s top security operations center analysts and keynote speaker Mandana Javaheri from MSFT for an afternoon full of tips and tricks on how to kick-start or level up your detection strategy across the Microsoft security suite.
Tuesday, July 20 11:00 AM EDT
Keynote: How MSFT thinks about security strategy
Learn about Microsoft’s strategic approach to security. Mandana Javaheri, Global Director, SCI Business Development at Microsoft, will talk about XDR – how to expedite detection & response and remediation – and the ways Expel and Microsoft work together to support our joint customers. You’ll walk away from this talk with a better understanding of modern approaches to security and how partners can help level-up detection capabilities.
Mandana Javaheri, Global Director, SCI Business Development, Microsoft
Tuesday, July 20 11:30 AM EDT
How to use Defender for Endpoint to investigate a ransomware incident
If you have Defender for Endpoint, you’ve got one of the best EDR tools on the market. But do you know all of the ways you can optimize it? Join us as we dive into some of our favorite things about Defender for Endpoint and share the tale of a real ransomware incident we uncovered at Expel and how we used the capability baked into Defender for Endpoint to quickly identify the source of the compromise and remediate. This will also serve as a deep-dive into how we use the Expel Workbench™ to augment the capability of Defender for Endpoint and the automation we have built around the MS product suite.
Tyler Fornes, Global Response Manager, Expel
Tuesday, July 20 12:30 PM EDT
Detections in your cloud infrastructure
Hosting your infrastructure in the cloud comes with promises of reliability, scalability and cost efficiency. Securing this infrastructure, however, requires a special focus. It can be a real challenge to make sense of all of the sources of data and build out a detection strategy. In this talk, we’ll review what data sources and security services exist in Azure and lay out a mental model you can use to build your own detection strategy based on your unique risks.
Dan Whalen, Principal Detection & Response Engineer, Expel
Tuesday, July 20 1:00 PM EDT
How our customers with Microsoft tools detect and protect against attacks
Join us for a conversation with Joe Oney, Security Operations Manager at Hogan Lovells, to hear about how he and his team use Microsoft security tools to keep their org safe. He’ll share some tips and tricks on how to support your Microsoft stack and amplify alerts, along with some Microsoft-specific lessons learned.
Joe Oney, Security Operations Manager, Hogan Lovells
Pete Silberman, CTO, Expel
Tuesday, July 20 2:00 PM EDT
3 ways to detect BEC in O365
Phishing attacks are on the rise and BEC is still the number one tactic. In order to keep your org and its users safe, it’s important to understand the BEC attack life cycle and know where to look to spot evil – especially as these attacks continue to evolve. In this session you’ll find out what the BEC attack life cycle looks like, what signal is available in Microsoft Azure and O365 to detect a potential BEC attack and get three tips on how you can detect an attacker in your Exchange Online environment.
Anthony Randazzo, Manager, Detection & Response Engineering, Expel
Tuesday, July 20 2:30 PM EDT
Hunting in your Microsoft environments
Hunting can be a game-changing strategy for your security posture. But how do you start building that strategy? Using a vulnerability-centric approach isn’t enough. Hunting techniques need to focus on a proactive approach as the threat landscape has evolved to new places – like the cloud. Learn how to develop hunts that are hypothesis-driven and use a threat-centric approach to identify areas in your environment that need improvement.
Bryan Geraldo, Senior Detection & Response Engineer, Expel
Need help today with your Microsoft alerts? Learn more about Expel for Microsoft at https://expel.io/solutions/microsoft-detection/