Discover how to identify and address shadow IT and unauthorized remote access in this 50-minute RSA Conference talk. Learn about the risks associated with vendor access to networks, often implemented without explicit permission. Explore real-world examples, including the TeamViewer and Nuance attacks, to understand the scope of the problem. Gain insights into vulnerability management changes, IoT security challenges in healthcare settings, and effective network monitoring techniques. Master the use of tools like Tshark, Wireshark, Zeek, and Real Intelligence Threat Analytics (RITA) to detect long connections and potential beacons. Apply these practical strategies to enhance your organization's security posture and mitigate risks associated with shadow IT and remote access vulnerabilities.
Shadow IT and Shadow Remote Access - How to Find It
Overview
Syllabus
RSAConference 2020 San Francisco February 24-28 Moscone Center
Goals
Changes in Vulnerability Management
Quick Question...
Egypt, Beau, Joff and my Fridge...
IoT Case Study: Hospital in Wyoming
An Exception..
Tshark Hunting
Wireshark
Zeek and User Agent Strings
Real Intelligence Threat Analytics
RITA and Long Connections
RITA and Beacons
Apply!
Process
Taught by
RSA Conference
