From the course: Managed Detection and Response (MDR) Fundamentals
Incident detection techniques and tools
- [Instructor] So let's talk about incident detection techniques and tools. Now, Peyton has been introducing Dustin to incident detection. He's explained how incident detection is a pivotal first step in defending Red30 Tech against cyber threats. Peyton explains that core detection techniques are instrumental in defense mechanisms and talks about the difference between signature-based, anomaly-based, and behavioral-based detection, and how each serves as a unique complementary role to protect from all of those security issues. So let's talk about detection techniques, and there are three core detection approaches. The first one is signature-based. This is about identifying known malicious patterns. Second is anomaly-based. This is detecting deviations from normal behavior, and then behavior-based is studying system and user behavior to identify threats. Now, let's talk about signature-based first. So signature-based…
Contents
- Incident detection techniques and tools (5m 49s)
- Key detection tools (4m 28s)
- Incident detection with Microsoft Defender for Endpoint (8m 33s)
- Incident response workflow and phases (6m 48s)
- Viewing security incidents in Microsoft 365 (10m 11s)
- Incident investigation and evidence collection (7m 10s)
- Preservation techniques (5m 36s)