Symantec Endpoint Security (SES) Complete is one of the most powerful endpoint security products in the industry, with many cutting-edge features for preventing, detecting, analyzing, and responding to advanced threats.
Harnessing this power can be a bit overwhelming for anyone who wants to take advantage of the numerous options for hunting, analyzing telemetry data, and remediating threats.
That’s why I authored the white paper, “How Symantec Endpoint Security Complete Helps Detect, Investigate and Respond to Advanced Attacks”. As a Senior Technical Director and Cyber Analytic Lead at Symantec, I use SES Complete every day. I study attacks and how to use SES Complete to stop them. This practice gives me real-world experience with the best way to use SES Complete. And I want to share that knowledge.
Demonstrating the protection potential of the advanced technologies in our endpoint solution, the paper shows what SES Complete can do when the full array of its capabilities is deployed against specific threats. The tips and tricks described are meant to help your SOC teams take advantage of this potent tool.
Starting with a realistic attack, the paper provides a step-by-step guide on how to best use SES Complete’s extensive hunting, investigation and remediation capabilities, including:
- Using Adaptive Protection to customize security to your organization, closing down attack avenues before they can be exploited.
- Seeing how an attack unfolds in clear MITRE ATT&CK language as well as low-level details of how a technique was implemented.
- Understanding the techniques used in the attack, plus details about how the attack unfolded. With this information, you will know what data was compromised, how to best remediate the threat, and how to prevent similar attacks in the future.
- Performing custom investigation and remediation using Live Shell, allowing you to use whatever tools you prefer to gather memory dumps, perform custom remediation, or do anything else.
- Writing your own custom protection.
It’s one thing to own one of the most powerful endpoint protection tools on the market today. It’s quite another to take full advantage of it. I hope customers with a learn@broadcom account will check out the paper and put SES Complete to work for them today.