Uncovering Legitimate Tools Abuse Using XDR and Forensic Analysis
Modern threat actors rely not only on malware and common pen testing tools, but also on entirely legitimate software. This, of course, may affect a company’s detection capabilities. We’ll look at multiple examples of such abuse from past and present incident response engagements and demonstrate how to use Group-IB’s Managed XDR for detection and threat hunting, as well as Magnet AXIOM and AXIOM Cyber for uncovering such behaviors during forensic analysis.