Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Catching WMI Lateral Movement in an Enterprise Network

BruCON Security Conference via YouTube

Overview

Explore Windows Management Instrumentation (WMI) detection techniques in this 43-minute conference talk from BruCON Security Conference. Gain insights into the challenges SOC analysts face in keeping up with evolving threats and vulnerabilities. Learn about WMI's prevalence in Windows systems and its appeal to both administrators and attackers. Discover a practical approach to detecting WMI usage at the network level, including custom IDS (Snort) fingerprints. Understand the initial naive approach, challenges encountered, lessons learned, and results obtained in developing WMI detection methods. Join the speaker in improving these techniques and enhancing enterprise network security against lateral movement attacks utilizing WMI.

Syllabus

07 - BruCON 0x0B - Catching WMI lateral movement in an enterprise network - Jaco Blokker

Taught by

BruCON Security Conference

Reviews

Start your review of Catching WMI Lateral Movement in an Enterprise Network

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.