58 min

Webcast: Let’s Talk About ELK Baby, Let’s Talk About You and AD Black Hills Information Security

    • Tech News

BHIS’ Defensery Driven Duo Delivers Another Delectable Transmission!

We know you are worried about your networks. After hours of discussion, we’ve come to the realization that some of our dedicated followers seem to be much more interested in catching malware than learning how to be (please forgive this next statement) “l33t hax0rs.”

Download slides: https://www.activecountermeasures.com/presentations/

2:47 – Why Are We Doing This?

5:07 – AT7: The Logs You Are Looking For

7:41 – AD Best Practices to Frustrate Attackers

9:37 – AT 5 – Complete Takedown & AT 6 – IOCs

12:04 – Blue Team-A-Palooza

14:22 – Windows Logging, Sysmon, and ELK – Part 1

16:45 – Implementing Sysmon and Applocker

21:45 – …And Group Policies That Kill Kill-Chains

22:31 – Here Are Some Important Blogs

23:35 – Summary Complete

25:28 – Introducing the Atomic Red Team

27:50 – Installing the Atomic Framework

29:29 – Squibbly Doo; The Results; Let’s Take A Step Back: The Atomic Tests; Another Step Back: WEF / Winlogbeat Config

33:41 – Executing T1015; Catching Executables; Executin...