Webcast: Weaponizing Active Directory

Click on the timecodes to jump to that part of the video (on YouTube)

Download slides: https://www.activecountermeasures.com/presentations
0:54 Background behind this webcast, what and why
7:02 Creating resources in Active Directory, User accounts, Groups, and Dummy Computer accounts
18:54 Tools, ResponderGuard, General flow of attacks, reconnaissance, deception and planted credentials
38:12 Password Spraying, honey users, kerberoast, and multicast DNS poisoning
47:20 Detection with CredDefense Kit, ResponderGuard, ResponderGuard Agent, and SQL Server abuse attacks
53:43 Q&A and Closing Thoughts

This webcast was recorded live originally on August 1st, 2019 with David Fletcher.

The 2019 Verizon DBIR indicates that over 50% of all breaches take a month or more to detect.

This webcast covers basic techniques to catch attackers attempting lateral movement and privilege escalation within your environment with the goal of reducing that Mean Time to Detect (MTTD) metric.

Using tactical deception, we will lay out strategies to increase the odds that an attacker will give away their presence early after initial compromise.

Join the BHIS Blog Mailing List – get notified when we post new blogs, webcasts, and podcasts.

Join 1,563 other subscribers