Derbycon 2016 – Living Off the Land 2: A Minimalist’s Guide to Windows Defense

The ?living off the land? philosophy, as applied to InfoSec, is the idea that one can thrive using mostly the tools present in a target environment in an effort to remain hidden from an adversary. While historically this philosophy has been applied to offense, it is equally applicable to defense. A capable defender, ideally, should introduce a minimal forensic footprint into an environment suspected to be compromised. Additionally, informed defenders should have an awareness of attacker objectives which includes performing reconnaissance against common security products, most of which consume a substantial OS fingerprint. This talk aims to introduce defenders to defensive capabilities built-in to all versions of Windows which are likely to leave adversaries in dark as to what defensive mechanisms are in place. Expensive defensive products are not always the solution when you?re already sitting on a goldmine of free, unexploited capabilities.
Matt Graeber is a reverse engineer and security professional who knows some things about things but is otherwise a complete noob in many facets of life. Matt is commonly known as that guy who took Dave Kennedy and Josh Kelley’s original PowerShell talk and turned it into an unhealthy obsession for which he still hasn?t broken himself of. Matt prides himself not on his industry speaking engagements, certifications, or experience but rather the journey that took him to his present situation – surrounded by motivated, brilliant, and genuinely good people.
For More information Please Visit:- https://www.derbycon.com/
http://www.irongeek.com/i.php?page=videos/derbycon6/mainlist

Source: SecurityTube.Net @ November 29, 2016 at 09:04PM

0
Share