Title: (Beginner) An Introduction to Hunting Adversaries Using the Attack Lifecycle Methodology
Description:
Have you ever wondered, how should I get started in Threat Hunting? How should I start? What should I hunt for? What tools should I use? How should I do it? Have you always wanted to hunt an APT? Then this intro-level workshop is the right place for you. Our workshop will introduce hunting an APT style attack to detect malicious activity at each stage of an attack’s lifecycle.
This workshop will introduce you to the Attack Lifecycle model to create a fundamental framework for hunting adversaries. Our workshop will have you hunt an APT style attack to detect malicious activity at each stage of an attack’s lifecycle. This will enable you to connect information found at one stage as leverage for hunting in another stage.
Participants of this workshop will have the following takeaways:
- A fundamental understanding of the attacker mindset
- A fundamental understanding of the phases of the Attack Lifecycle
- Knowledge of the tools and techniques used by attackers
- An ability to hunt for attacker tools and techniques using a SIEM
- Exposure to an APT style attack
- IMPORTANT: This is a 101 Intro Workshop
Speaker(s): Ben Bornholm
Location: Blue Team Vlg / Blue Team Vlg - Workshop Track 2
Discord: https://discord.com/channels/7082082...54317658734613
Event starts: 2020-08-07 11:30 (11:30 AM) PDT (UTC -07:00)
Event ends: 2020-08-07 13:30 (01:30 PM) PDT (UTC -07:00)
For the most up-to-date information, please either visit https://info.defcon.org, or use HackerTracker, which is available for iOS and Android. This is an automated message, and this data was last modified 2020-08-02T23:17 (UTC).
