Trend Micro Vision One Demo and Overview

SUBTITLES:

Subtitles generated by robot
00:02
Hello everyone, this is Chuck Pham. Uh, this is coach Mangut. We're here with Trend Micro today to show you how Vision One can improve your organization's security posture and allow you to detect and respond to today's threats. So Vision One is a purpose-built threat defense platform where we bring together telemetry from endpoint, server, cloud, email and networking to provide XDR capabilities with in-depth investigation functionality. Wow, that's a lot of layers. With Trend Micro Vision One you can see
00:34
more with automated and cross-layer detection models, which help tie together those siloed events. XDR quickly paints the picture of the attack so you can understand and respond faster, and we also provide API connections to third parties, including SIEM and SOAR platforms, which should be good news for some of your short-staffed teams out there. Now for, for an example, let's, let's take a quick look at how Vision One can detect and respond against modern-day attacks such as Ryuk. So let's hop right in.
01:07
So right off the bat you, you go right to your dashboard, and it's a customizable dashboard that gives you risk insight to areas of interest for your organization. Uh, we're not going to concentrate on this. We're going to jump right into our workbenches and open up the Ryuk workbench. So once, once you open up the workbench you can see on the left where we have our highlights and our summary. You can see that if you click on the technique where it says possible spear phishing link,
01:43
on the right you'll see the components that were part of this technique, from the user Jesse sending an email with a suspicious link to our user Sam. From here we can do some mitigating responses as far as blocking senders, deleting the message, quarantining the message, etc. Yep, and then moving on to, once the user clicked on this email, we're going to look at the second part of our highlights here, the rarely accessed and noteworthy domain. Once Sam clicked on this email, this
02:14
phishing link, we're able to see that his machine reached out to a suspicious domain, possibly a command and control server, and we can see that there's a malicious EXE file associated with that. We can take the appropriate response actions such as isolating the machine, starting a remote shell, collecting a file, and we can also drill down deeper into the network analytics report. So what this will do is allow us to play back from a network perspective what happened once Sam clicked on that malicious email. We can see here that Sam's PC has made an
02:45
HTTP callout to that command and control server. We're seeing SMB traffic, lateral movement across the environment, and other machines are reaching out as well. So I wanted to quickly point out that we're seeing only IP addresses here is because these are actually IoT devices, possibly printers, or maybe unmanaged devices in the network where you don't have an agent on it, right? So from here we'll take a quick look at our search functionality. Um, it's, it's a pretty robust search
03:18
engine that we have inside of Vision One, where you can search either through the entire data lake, uh, covering all the different silos of your environment, or drilling down into an individual, uh, you know, either endpoint or email type of a search. Um, from there you can see that we have a lot of different, um, filters or search criteria that we can look up, from SHA values to user names to IP addresses. Uh, you know, it's a, it's a pretty, pretty robust list. Um, but hey Chuck,
03:50
let's take a quick look at the threat intelligence piece with our intelligence reports. Sure thing, Chris, I'm glad you brought that up. The intelligence reports piece allows Trend Micro to automatically sweep your environment for indicators of compromise related to the latest threats of today, such as the Ryuk, and this is only one example of a type of attack that Vision One can help your organization detect and respond to. If you would like additional information or would like to go deeper into the product and its functionalities, please
04:21
let your sales rep know and we'd be more than happy to help set up a demo.