SANS @MIC Talk - Modern Domain Deception - Risks, Limits and potentiality

  • Webcast Aired Monday, 27 Apr 2020 8:30PM EDT (28 Apr 2020 00:30 UTC)
  • Speaker: Agostino Panico

Nowadays most enterprises are build up using Microsoft Windows Active Directory, a specific environment that is based on trust. This specific architecture design useless most of the deception option available. So as Threat Hunter we need to find the unknown, but how hunt for evil if the infrastructure is based on trust and common Deception option are unavailable, or introduce more risk than mitigation?

The talk is the evaluation of the actual limitations, issues and risks of common deception mechanisms and the potentiality if we change the mindset approaching the issue from a different angle.