Published on October 4th, 2016 | by Tony Thompson
Gone in 60 Seconds: Breach Detection in a Snap
How fast can you detect a breach? This video highlights how you can uncover a previously unknown advanced threat or breach in a minute or less using SS8 BreachDetect. The process is simple:
- Log into the SS8 BreachDetect system using your credentials
- Navigate to the “Threats” panel
- Identify any High Risk devices of interest from the kanban board
- Drag a High Risk device of interest into the “in progress” column
- Click the Indicators of Attack icon
- Drill down into specific behaviors, communication patterns and applications associated with that device by shift-clicking.
- Hover over any communications flows to identity detailed information such as UserID, destination, MacID, file type, file size, MD5 and SHA1 hash values, and more.
Follow your organization’s remediation procedures, such as removing the device from the network, and you’re done.