Responding to Advanced Adversaries

Channel:
United States SANS Cyber Defense
Subscribers:
23,900
Published on ● Video Link: https://www.youtube.com/watch?v=egDWuabKwds


Duration: 39:40
1,000 views
25

Advanced adversaries (a.k.a APTs ) are able to penetrate organizations and maintain access at will, and often for a long period of time. Advanced adversaries that launch targeted attacks on their victim, are often difficult to detect and eradicate from the environment. This talk will discuss the techniques that are used by threat actors to continue to maintain access in an environment and some key considerations that defenders should keep in mind when removing threat actors from their environment. I will talk about how Blue Teamers can detect, respond to and eradicate such threat actors from their environment.

ABOUT THE SPEAKER
Anurag Khanna is a Manager with CrowdStrike Services where he leads Incident Response and Consulting services in Asia Pacific and advises organizations when they are in midst of security incidents.

View upcoming Summits: http://www.sans.org/u/DuS
Download the presentation slides (SANS account required) at https://www.sans.org/u/1iaE
#BlueTeamSummit #BlueTeam #CyberDefense



Other Videos By SANS Cyber Defense


2022-12-13Packet Tuesday - FreeBSD Ping Vulnerability
2022-12-08Baby Steps to the Future: Evolving into the Next-Gen SOC
2022-12-07Don't Relay Me: Empirically Diagnose Privilege Escalation via Active Directory Account Sighting
2022-12-06Packet Tuesday - TLS Client Hello
2022-12-05IR Prep and Detection Engineering When the Cloud is Your Data Center
2022-12-02Prioritizing Defensive Capabilities
2022-12-01Once Upon a Login: How Logon Sessions Help Defenders See the Bigger Picture
2022-11-30Designing Security from the Ground Up
2022-11-29Packet Tuesday - TCP Urgent Flag
2022-11-28A Deep Dive into AWS IAM Privilege Escalation Attacks: Defenders’ Edition 2022
2022-11-23Responding to Advanced Adversaries
2022-11-22Packet Tuesday - EDNS Option Type 0
2022-11-21Enabling Defenders to Conduct Incident Response Investigations with Open-Source Tools
2022-11-18Dispatch from the SOC
2022-11-17From IT to Blue Team - Your Time is Now!
2022-11-16Confidence in Chaos: Strategies for World-Class Security Operations
2022-11-15Packet Tuesday - Punycode Encoding DNS
2022-11-15Packet Tuesday - Episode 0
2022-11-02Best Practices and Lessons Learned from Starting Up OSINT Teams
2022-10-27Lifting the Fog: Cyber Threat Intel (CTI) and Threat Discovery
2022-10-19Easing Into Consulting; Consulting on The Side & Other Approaches


Tags:
cyber defense
cyber defenders
anurag khanna
what is cyber defense
apt
anurag khanna cybersecurity
apts
advanced adversaries
blue team
sans blue team summit
blue team summit
incident response