Webcast: Let’s Talk About ELK Baby, Let’s Talk About You and AD

BHIS’ Defensery Driven Duo Delivers Another Delectable Transmission! We know you are worried about your networks. After hours of discussion, we’ve come to the realization that some of our dedicated followers seem to be much more interested in catching malware than learning how to be (please forgive this next statement) “l33t hax0rs.” Download slides: https://www.activecountermeasures.com/presentations/ 2:47 – Why Are We Doing This? 5:07 – AT7: The Logs You Are Looking For 7:41 – AD Best Practices to Frustrate Attackers 9:37 – AT 5 – Complete Takedown & AT 6 – IOCs 12:04 – Blue Team-A-Palooza 14:22 – Windows Logging, Sysmon, and ELK – Part 1 16:45 – Implementing Sysmon and Applocker 21:45 – …And Group Policies That Kill Kill-Chains 22:31 – Here Are Some Important Blogs 23:35 – Summary Complete 25:28 – Introducing the Atomic Red Team 27:50 – Installing the Atomic Framework 29:29 – Squibbly Doo; The Results; Let’s Take A Step Back: The Atomic Tests; Another Step Back: WEF / Winlogbeat Config 33:41 – Executing T1015; Catching Executables; Executin...