Detecting Pass-the-Hash with Honeypots

Pass-the-hash and pass-the-ticket attacks can be some of the most effective techniques for attackers to use to move laterally throughout your organization, and also the most difficult to detect.  Most detections rely on differentiating between what is normal behavior for a user and what is abnormal.  While this can be effective, it is also time consuming and results in lots of false positives.  

In this webinar, Jeff Warren, SVP of Technical Product Management & Development, will explore how to use modern honeypot techniques to lay traps for attackers and emphatically detect the use of the pass-the-hash technique within your organization.