Ransomware doesn't magically materialize across endpoints at an organization. Adversaries often use other malware or legitimate tools to deliver it. Whether it's during lateral movement, command and control, or data exfiltration, defenders have multiple opportunities to detect precursor activity and prevent a ransomware infection long before anything gets encrypted.In this talk, we're going to discuss trojans, offensive tools, file transfer utilities, and other software that frequently precedes a full blown ransomware infection. As it turns out, many ransomware precursors are very conspicuous, and if you can stop them in their tracks, you can prevent a ransomware incident. Attendees will walk away from this talk with specific and detailed guidance on how to observe and detect the threats that often lead to a ransomware infection.

Sponsored by Red Canary