In financial institutions, complex environments and the constant threat of attack by sophisticated actors are typical. Such environments demand both real-time and historical insight, at scale.
In this video, we’ll show a brief example of threat hunting using Reveal(x) and test the hypothesis: “We will see remote service creation in the PC subnet over the last 7 days.” We’ll explore the Microsoft Remote Procedure Call (MSRPC) protocol and the CreateServiceW function to hunt for indicators of lateral movement or other advanced attack stages like persistence.
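The hypothesis above can be tested over any export of MSRPC call metadata. The following Python sketch is an added example, not ExtraHop code or a Reveal(x) query: the record layout, the `10.20.0.0/16` PC subnet, the sample records and the reading of "in the PC subnet" as the target host are all assumptions. It goes slightly beyond the video by also matching the ANSI variant, `RCreateServiceA`.

```python
from collections import defaultdict
from datetime import datetime, timedelta, timezone
from ipaddress import ip_address, ip_network

PC_SUBNET = ip_network("10.20.0.0/16")            # assumed PC subnet range
SVCCTL = "367abb81-9844-35f1-ad32-98f038001003"   # MS-SCMR (svcctl) interface UUID
SAMR = "12345778-1234-abcd-ef00-0123456789ac"     # different interface, used as a decoy
CREATE_OPNUMS = {12: "RCreateServiceW", 24: "RCreateServiceA"}

# Constructed records: (timestamp, client, server, interface UUID, opnum)
SAMPLE = [
    ("2024-05-13T02:11:00+00:00", "10.20.4.17", "10.20.4.52", SVCCTL, 12),
    ("2024-05-13T02:12:30+00:00", "10.20.4.17", "10.20.9.8", SVCCTL, 12),
    ("2024-05-10T14:00:00+00:00", "10.1.1.5", "10.20.4.52", SVCCTL, 24),
    ("2024-05-12T10:00:00+00:00", "10.1.1.5", "10.20.4.52", SVCCTL, 15),  # ROpenSCManagerW
    ("2024-05-12T11:00:00+00:00", "10.1.1.5", "10.20.4.52", SAMR, 12),    # opnum 12, wrong interface
    ("2024-05-11T09:00:00+00:00", "10.1.1.5", "10.30.0.9", SVCCTL, 12),   # target outside PC subnet
    ("2024-05-01T08:00:00+00:00", "10.20.4.17", "10.20.7.7", SVCCTL, 12), # older than 7 days
]
NOW = datetime(2024, 5, 14, 12, 0, tzinfo=timezone.utc)  # constructed "current" time

def hunt(records, now, days=7):
    """Return {(client, server): [(time, function)]} for service-creation calls
    against hosts in the PC subnet inside the lookback window."""
    cutoff = now - timedelta(days=days)
    hits = defaultdict(list)
    for ts, client, server, iface, opnum in records:
        when = datetime.fromisoformat(ts)
        if not cutoff <= when <= now:
            continue
        # An opnum only has meaning relative to its interface, so check both.
        if iface.lower() != SVCCTL or opnum not in CREATE_OPNUMS:
            continue
        if ip_address(server) not in PC_SUBNET:
            continue
        hits[(client, server)].append((when, CREATE_OPNUMS[opnum]))
    return dict(hits)

def fan_out(hits):
    """Clients that created services on more than one host: the first leads to triage."""
    targets = defaultdict(set)
    for client, server in hits:
        targets[client].add(server)
    return {c: sorted(s) for c, s in targets.items() if len(s) > 1}

if __name__ == "__main__":
    found = hunt(SAMPLE, NOW)
    for (client, server), calls in sorted(found.items()):
        print(client, "->", server, [(t.isoformat(), f) for t, f in calls])
    print("fan-out:", fan_out(found))
```

A non-empty result confirms the hypothesis; whether a given hit is benign depends on comparing each client against known software-deployment and management hosts.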
Learn more at xtra.li/3DcoKy6
Want to try ExtraHop for yourself? Check out our online demo: xtra.li/3aogz1L