How to Identify and Prevent Evasive Threats Using your Organisation’s Data

  • Date 06 Jun 2019

How to Identify and Prevent Evasive Threats Using your Organisation’s Data

06 Jun 2019, 12:40 - 13:05

Tech Talks

Stealth operations that were once only possible for the most sophisticated state-actors, are now much more common. These new and sophisticated techniques bring new security challenges. 

Focusing on a real-world case study, we will disclose advanced evasive operations detected by our IR team and the ways organisations can use their VPN, DNS and proxy data to enrich their internal data sources like Directory Services and Mail-servers to unmask those attacks. 

We’ll also show how advanced perimeter correlations can help uncover other common threats, such as account hijacking, lateral movement, persistency and data exfiltration.

Learning Outcomes:

  1. Learn the new risk landscape utilising VPN access, DNS and Proxy
  2. Determine which data feeds and enrichments are best for your organisation.
  3. Know which internal data sources can provide strong correlation to which perimeter.
  4. Determine which fields and values are a must to build strong security visibility. 
  5. Learn about additional controls that complement the perimeter sources.



  • Snir Ben Shimol


    Head of Cyber Security

    Varonis Systems

    Snir is the Head of Cyber Security at Varonis, leading the security research, forensics and incident response teams. Snir began his career in the IDF...

Business Issues covered

  1. What will this session help you to do?
    • Mitigate the effects of new vulnerabilities and exploits‎
    • Understand internal and external threats and keep a business secure‎


We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies.