I Simulate Therefore I Catch - Enhancing Detection Engineering with Adversary Simulation
Offered By: YouTube
Course Description
Overview
Explore adversary simulation techniques to enhance detection engineering in this 50-minute conference talk from Derbycon 2019. Dive into building an attacker's playground, implementing prevention controls, and validating detection resilience. Learn about automated adversary simulation, password spraying, network share enumeration, and privilege escalation. Gain insights on measuring detection maturity and analyzing detection analytics to improve your blue team's capabilities.
Syllabus
Intro
FUN FACT ON PERU
BLUE TEAM IN 2019
BUILDING THE ATTACKER'S PLAYGROUND
DETECTION ENGINEERING
FIRST STEP: PREVENTION CONTROLS
VALIDATE DETECTION RESILIENCE
MEASURE DETECTION MATURITY
AUTOMATED ADVERSARY SIMULATION
PENTEST REPORT 2018
PASSWORD SPRAYING: T1110
NETWORK SPRAY: PICKING HOST TARGETS
DETECTION ANALYTICS
NETWORK SHARE (T1135) & PRIVILEGE ENUMERATION
CLOSINS SURVEY FOR THE BLUE TEAM
Related Courses
Embrace the Red - Enhancing Detection Capabilities with Adversary SimulationYouTube So You Think You Can Secure Your Cloud - Red Team Engagements in GCP
Security BSides San Francisco via YouTube Ferris Bueller's Guide to Abuse Domain Permutations
Security BSides San Francisco via YouTube ICS OSINT - An Attacker’s Perspective
RSA Conference via YouTube Cracking the Perimeter with SharpShooter - Dominic Chell - Hack in Paris - 2019
Hack in Paris via YouTube