Overview
Learn about credential access tactics and defenses in this hour-long security webinar featuring experts from CrowdStrike, MITRE ATT&CK®, and Red Canary. Dive deep into how adversaries use Credential Access (TA0006) techniques to steal usernames, passwords, and tokens for system infiltration and evasion. Explore OS Credential Dumping (T1003) techniques, particularly LSASS Memory (T1003.001), while gaining practical insights into detection methods, mitigation strategies, and incident response. Learn how to collect relevant telemetry from various tools and log sources, and discover how to test security controls by emulating suspicious credential access activity using Atomic Red Team. Includes access to a companion blog for supplementary reading and detailed reference material about protecting against credential-based attacks.
Syllabus
The Detection Series: Credential access
Taught by
Red Canary