When Security Tools fail you, what can you do to close this gap?

We all have some sort of security tools, AV, EDR, IDS/IPS, FIM, MFA, Authentication, etc. So what happens when the nefarious neer-do-wellers circumvent these controls and compromise you, either disabling these tools, or doing things that do not trigger alerts, what do we do ????

This talk will discuss what we see happening and what could be detected when your security tools fail, or are bypassed. More so, you may already have what you need, or may have to seek some budget to help you close this gap. This talk is for the SOC, Incident Responder, Threat Hunters, and even managers to learn what to focus on to address this gap.