SANS Community Nights are a great way to stay in touch with your local InfoSec community and to hear the latest in technical wizardry, industry intelligence, and thought leadership from our amazing instructors.
Join us at:
The Mercure Sydney, Museum Room, level 2
818/820 George St, Chippendale NSW 2000, Australia
View the agenda below:
Monday, 5th June 2023
16:00 – 17:00
Using PVLANs and related architecture to help stop lateral movement after a client-side compromise. Presented by Greg Scheidel.
Attackers most often enter our environments through client-side compromise, followed by laterally pivoting to other hosts. Blocking that pivot limits the attacker's visibility and access, improves our visibility as defenders, and (in case you need extra incentive to attend this talk!) strongly supports defensible and zero trust network architectures.
In this talk, we'll discuss how to use a combination of techniques - PVLANs, consistent IP addressing, wildcard masks, and router ACLs - to stop the pivot. PVLANs and ACLs by themselves can be effective controls; combined, and supported by consistent IP addressing and wildcard masks, they can stop lateral movement dead in its tracks.