Researchers have just showed how Microsoft Defender’s own kernel driver can be turned into a credential-dumping tool – bypassing LSASS protections without loading any new driver. Would your endpoint detection catch that? This webinar looks beyond the tool to the tactics, showing how security leaders can close real-world gaps without discarding the investments they already rely on.
Relevant for: CISOs and heads of information security; SOC managers and security operations leaders; IT and security architects; endpoint, infrastructure and technology owners responsible for security outcomes.
Webinar Details
Researchers have recently demonstrated how trusted security tools can be turned against organisations — raising important questions about how well endpoint defences truly hold up under real-world attack conditions.
Drawing on more than three decades of combined frontline experience, Ian Qvist and Jan Kaastrup explain the most common ways adversaries bypass EDR and how layered defences (compromise assessments, MDR, OS), hardware-level controls, and stronger processes can restore the advantage to defenders.
Grounded in real cases rather than theory, watch the webinar to:
Understand how attackers routinely bypass even well-configured EDR solutions.
Recognise the most common EDR blind spots & vulnerabilities in real environments.
Learn how to strengthen EDR with additional layers such as compromise assessments and MDR.
Gain a practical, step-by-step checklist for hardening endpoint security.
See how to improve proactive detection and response using threat intelligence and behavioral insights.
Take away concrete, immediately actionable measures to improve your organisation’s security posture.
Speakers
Ian Qvist, Director & Endpoint Security and Forensics Expert: Technology expert with more than 15 years of hands-on cybersecurity experience, advising organisations on endpoint security, incident response and operational defence. Ian brings practical insight from real-world compromises and remediation efforts.
Jan Kaastrup, CIO & Cybersecurity Expert: With over 20 years in IT security, Jan’s experience spans network architecture, forensics, incident response, malware research, penetration testing and financial fraud investigations. He is the author of “Usynlig fjende” (An Invisible Enemy) and a recognised voice on modern cyber threats and resilience.
About CSIS
CSIS Security Group A/S is a leading European pure-play provider of tech-enabled cybersecurity and intelligence services. Operating 24/7, we deliver Managed Detection & Response, Incident Response, Security Consulting across all sectors, and provide a world-class threat intelligence capability through our SecAlliance brand. Accredited by organisations including CREST, we actively support global security initiatives to positively impact the cyber community.
Stay Updated on Cybersecurity
Want to stay informed about new reports, webinars, and research from CSIS? Sign up for our newsletter.