Overview
Explore the intricacies of cybersecurity and learn how to disrupt the attack killchain in this comprehensive conference talk from AIDE 2018. Delve into common threats, attack methodologies, and defensive strategies across various stages of the killchain. Gain insights on reconnaissance mitigation, delivery defense mechanisms, exploitation prevention techniques, and effective monitoring practices. Discover tools and tactics like DNS sinkholes, threat lists, honeypots, and Bloodhound for enhanced security. Examine the weaponization and privilege escalation phases, and understand the importance of multi-factor authentication and advanced monitoring solutions like Splunk. Join Amanda Berlin as she provides a detailed walkthrough of cybersecurity concepts, practical demonstrations, and actionable defensive measures to fortify your organization against evolving cyber threats.
Syllabus
Intro
What is the Killchain
Common threats
Attack Killchain
Recon
Mitigation
Delivery
Defensive mitigations
Default application associations
Flag malicious file types
Exploitation
Group Policy
Microsoft Office
Floss
Ransomware
Defensive Mitigation
Monitoring Learning
Command and Control
DNS Sinkhole
Threat Lists
DJs
Splash Page
Honey Directory
Bloodhound
PowerShell Script
Responder
Passwords
Factor Auth
Splunk
Bloodhound Demo
Weaponization
Exploitation phase
Privilege escalation
Amanda Berlin