Incident Response: Why You Need to Detect More Than Pass the Hash

Watch this on-demand webcast today

In this technical presentation for incident responders and other security professionals, we will discuss how compromised credentials are a key predatory weapon in the attacker’s arsenal. This isn't changing in the foreseeable future. We will systematically explore why they can be prevented but never cut off completely, and how to leverage this knowledge in detection. We will discuss indicators of compromise (IoCs) for Pass-the-Hash (PtH) attacks in depth, while detailing more efficient detection techniques focused on misused, “donated”, or otherwise compromised credentials.

In this webinar, participants will learn about:

  • Why stolen credentials are going to be used
  • How not to detect them
  • How you can detect the characteristics
  • What is more important than the exact characteristics
  • How Rapid7 can automate this detection for you

Speaker Information

Matt Hathaway is the Senior Manager, Platform Products at Rapid7, continuously speaking with security teams and leading the direction for the Company's new product lines. Prior to joining Rapid7, Matt was a member of the Office of the CTO (OCTO) and product management teams for RSA. He has been working in fraud prevention, security, and IT for 12 years and has experienced both sides of the fence. He has a BSc in Computer Engineering and an MBA from Northeastern University.

Jeff Myers is the Lead Software Engineer on InsightUBA (formerly UserInsight) by Rapid7, focusing on cloud platform architecture, scalability, security and feature development. Prior to joining Rapid7, Jeff worked on enterprise-scale storage monitoring products at NetApp and development tools at IBM. Jeff has a B.S. in Computer Science from Rochester Institute of Technology.


Fill out the form below to watch this webcast