Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Forensic Analysis of Compromised VPN Appliances by Advanced Actors

SANS via YouTube

Overview

Explore forensic analysis techniques for investigating compromised VPN appliances targeted by advanced threat actors in this 34-minute conference talk from the SANS DFIR Summit 2024. Gain essential skills for digital forensics and incident response practitioners to effectively analyze intrusions where VPN access served as the initial entry point. Delve into the methods used by threat actors to exploit VPN vulnerabilities, bypass authentication mechanisms, and deploy malware. Examine real-world case studies to learn how to identify indicators of compromise specific to VPN-related attacks, with a focus on unusual network traffic patterns, privileged account abuse, and persistence techniques. Acquire actionable insights to enhance incident response processes, develop threat intelligence, and proactively strengthen VPN defenses. Presented by Fernando Tomlinson, Technical Manager of Digital Forensics and Incident Response at Mandiant, and Matt Lin, Senior Consultant for Incident Response at Mandiant, this talk equips security professionals with valuable knowledge to combat sophisticated VPN-based attacks.

Syllabus

Forensic Analysis of Compromised VPN Appliances by Advanced Actors

Taught by

SANS Digital Forensics and Incident Response

Reviews

Start your review of Forensic Analysis of Compromised VPN Appliances by Advanced Actors

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.