Web: https://www.youtube.com/watch?v=_FIH70C50Zk

Nov. 23, 2022, 3:55 p.m. | SANS Digital Forensics and Incident Response

SANS Digital Forensics and Incident Response youtube.com

SANS DFIR Summit 2022

Speaker: Thomas Diot

For a few years now, Active Directory has been the preferred target of ransomware operators, and some APTs, to elevate privileges, maintain persistence, and execute malware at scale. Attackers had for instance obtained privileged Active Directory access in 95%+ of the IR on large perimeters handled by the CERT-W in 2021. As DFIR analysts, we are often asked to help reduce the risk of re-infection during Active Directory forest recovery. Uncovering and addressing …

active directory directory hunting persistence

Security Operations Lead

@ Vattenfall | Amsterdam, Netherlands

Technology - Energy and Natural Resources sector, Security Strategy & Governance, Cyber Defence, Identity & Access

@ KPMG Australia | Sydney, Australia

DevSecOps Manager

@ Nexient | United States

IT Security Manager (REF194D)

@ Deutsche Telekom IT Solutions | Budapest, Debrecen, Pécs, Szeged, Hungary

Security GRC Consultant

@ Devoteam | Zaventem, Belgium

Information Security & Data Privacy Specialist

@ SirionLabs | Gurugram, Haryana, India

Junior Security Engineer

@ Eurofins | Barcelona, Spain

Senior Application Security Engineer [Remote - UK]

@ Confluent, Inc. | Remote, England

Threat Analysis Security Engineer

@ MANGOPAY | Paris, France

Sr. Professional Services Consultant II

@ Palo Alto Networks | Denver, CO, United States

Senior Offensive Security Engineer

@ MANGOPAY | Paris, France

Consultant SecDevOps H/F

@ Devoteam | Toulouse, France