Breaking the Attack Graph - How to Leverage Graphs to Strengthen Security in a Domain Environment
Offered By: Black Hat via YouTube
Course Description
Overview
Explore a 26-minute Black Hat conference talk on leveraging graphs to enhance security in domain environments. Discover how defenders are shifting from list-based thinking to graph-based approaches to combat sophisticated attackers. Learn about tools like BloodHound and GoFetch, and examine prevention strategies involving vulnerable nodes and node disconnection. Delve into detection techniques using logon graphs and weighted logon graphs, complete with examples and a discussion of pros and cons. Gain insights into investigation methods and understand how graph-based thinking can revolutionize security practices in large-scale environments.
Syllabus
Intro
BLOODHOUND
GOFETCH
ATTACKERS VS. DEFENDERS ATTACKERS
HOW CAN DEFENDERS USE GRAPHS?
DATA SOURCES
PREVENTION: VULNERABLE NODES
PREVENTION: DISCONNECTING NODES
DETECTION: LOGON GRAPH
DETECTION: WEIGHTED LOGON GRAPH
DETECTION: EXAMPLE
DETECTION: PROS & cons
INVESTIGATION
Taught by
Black Hat
Related Courses
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security ChipBlack Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube