CrowdStrike's 2019 Global Threat Report details how adversaries typically dwell for 1 hour and 58 minutes before taking action after they've initially gained access to a machine. This "Breakout time", is all the time until an intruder jumps from the machine that’s initially compromised and moves laterally through your network.
This is a crucial window to stop the breach, but is not the only metric you need to know. When an attack is in progress, you have on average of one minute to detect it, 10 minutes to understand it and one hour to contain it. Is your organization ready to meet the 1/10/60 minute challenge?
Join CrowdStrike security experts for an important, in-depth discussion of the common hurdles organizations face in establishing an effective IR process. You will also learn how next-gen technology including endpoint detection and response (EDR) can help you overcome them.
Attend this session to hear CrowdStrike experts discuss:
- What breakout time is and what it means for defenders that are responding to attacks in real time
- How the incident response process unfolds and the barriers that keep organizations from mounting a rapid and efficient response
- The key steps you can take to improve your organization’s ability to rapidly detect, investigate and remediate threats
- Best practices for preventing, detecting in less than 1 minute, analyzing in less than 10 minutes, and responding in less than 60 minutes to stop adversaries
When you can detect, analyze, and recover before the 1 hour and 58 minutes from initial compromise, you WIN, and the adversaries LOSE!