Expert in solution development on endpoint with more than 5 years of experience in developing AntiVirus and EDR (Endpoint Detection & Response) products
Viettel EDR team leader, the product has been deployed for Viettel Group and some of big customers in Vietnam.
A former speaker of the “Hacker Mu coi # 2” with the topic “Windows Command-line Obfuscation from A to Z”
Incident response with Viettel EDR
Today, organizations and businesses face many difficulties with detecting, identifying, investigating and responding to attacks on organizations. Traditional malware prevention technologies such as Anti Virus based on signatures are difficult to manage when faced with unprecedented attacks due to the lack of an immediate support and investigation tool.
The technology of the Endpoint Detection and Response solution (EDR) helps address the above shortcomings and gives a closer look at the relevant information on the endpoint to detect and mitigate the damage. In addition, supporting the incident response flow (IRFlow) helps the incident response process more quickly and efficiently. The level of damage to the organization is minimized as it does not take too much time to wait for signature updates like the traditional Anti Virus solutions.