What is darkspace, and what do you need to do about it? Once an attacker compromises a physical, virtual, or cloud host, their next step is to roam your extended (cloud, hosted, and on-prem) network looking for opportunity. The attacker looks like an insider: just one reason they are hard to identify. Another is the increasing use of encryption, including TLS 1.3, that will make it even less likely you can detect these activities without new tools. Gartner and other analysts are recommending Network Traffic Analysis (NTA) as an important element of a healthy risk posture, primarily because of its payoff in better threat detection and response.
We will walk through examples of blind spots and use cases for efficient and automated threat management for East-West and South-North attack activities. Then, as part of upgrading your security maturity, we will review case studies to leverage NTA's auto-discovery and visibility to reduce your attack surface, improve audit and pen test results, and make SOC analysts more productive.
Extrahop Networks Inc
Barbara Kay, Sr. Director - Security, Extrahop Networks Inc