Breaking the Attack Graph - How to Leverage Graphs to Strengthen Security in a Domain Environment
Offered By: Black Hat via YouTube
Course Description
Overview
Explore a 26-minute Black Hat conference talk on leveraging graphs to enhance security in domain environments. Discover how defenders are shifting from list-based thinking to graph-based approaches to combat sophisticated attackers. Learn about tools like BloodHound and GoFetch, and examine prevention strategies involving vulnerable nodes and node disconnection. Delve into detection techniques using logon graphs and weighted logon graphs, complete with examples and a discussion of pros and cons. Gain insights into investigation methods and understand how graph-based thinking can revolutionize security practices in large-scale environments.
Syllabus
Intro
BLOODHOUND
GOFETCH
ATTACKERS VS. DEFENDERS ATTACKERS
HOW CAN DEFENDERS USE GRAPHS?
DATA SOURCES
PREVENTION: VULNERABLE NODES
PREVENTION: DISCONNECTING NODES
DETECTION: LOGON GRAPH
DETECTION: WEIGHTED LOGON GRAPH
DETECTION: EXAMPLE
DETECTION: PROS & cons
INVESTIGATION
Taught by
Black Hat
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network