YoVDO

Catching WMI Lateral Movement in an Enterprise Network

Offered By: BruCON Security Conference via YouTube

Tags

BruCON Courses, Cybersecurity Courses, Threat Detection Courses, Windows Management Instrumentation (WMI) Courses

Course Description

Overview

Explore Windows Management Instrumentation (WMI) detection techniques in this 43-minute conference talk from BruCON Security Conference. Gain insights into the challenges SOC analysts face in keeping up with evolving threats and vulnerabilities. Learn about WMI's prevalence in Windows systems and its appeal to both administrators and attackers. Discover a practical approach to detecting WMI usage at the network level, including custom IDS (Snort) fingerprints. Understand the initial naive approach, challenges encountered, lessons learned, and results obtained in developing WMI detection methods. Join the speaker in improving these techniques and enhancing enterprise network security against lateral movement attacks utilizing WMI.

Syllabus

07 - BruCON 0x0B - Catching WMI lateral movement in an enterprise network - Jaco Blokker


Taught by

BruCON Security Conference

Related Courses

Windows Server 2016 Security Features
Microsoft via edX
Detecting and Mitigating Cyber Threats and Attacks
University of Colorado System via Coursera
Threat Detection: Planning for a Secure Enterprise
Microsoft via edX
Microsoft Professional Capstone: Cybersecurity
Microsoft via edX
Cyber Security Operations (Cisco CCNA)
The Open University via FutureLearn