Bring the Fight to Them: Hunting down adversaries using OSQuery

Tuesday, 05 Dec 2017 10:30AM EST (05 Dec 2017 15:30 UTC)
Speakers: Stephen Sims, Erik Van Buggenhout

Defeating Advanced Adversaries 'a webcast series. In the first webcast of the series, SEC599 Course Authors and Instructors Stephen Sims and Erik Van Buggenhout will walk through how OSQuery can be leveraged to obtain interesting information about your environment. \We will discuss the inner workings of OSQuery and how you can leverage it effectively to obtain critical information." A webcast wouldn't be complete unless we had a live demo 'view the new lab platform where we will demonstrate how to detect an actual infection using OSQuery.

Watch Part 2 and Part 3 in the Defeating Advanced Adversaries Series

Part 2: Improving Your Defenses - CredentialGuard in Windows 10
https://www.sans.org/webcasts/improving-defenses-credentialguard-windows-10-106190
Part 3: Improving Your Defenses - EMET & Window Defender Exploit Guard
https://www.sans.org/webcasts/improving-defenses-emet-window-defender-exploit-guard-106195

Login to Register

Related Content

Offensive Operations, Pen Testing, and Red Teaming, Open-Source Intelligence (OSINT), Penetration Testing and Red Teaming

November 16, 2023

A Visual Summary of SANS HackFest Summit

Check out these graphic recordings created in real-time throughout the event for SANS HackFest Summit 2023

Offensive Operations, Pen Testing, and Red Teaming, Penetration Testing and Red Teaming

October 4, 2023

SEC670 Prep Quiz Answers

Answers for the SEC670 Prep Quiz. For more details about the course and the quiz, please clickthrough to see the quiz article.

Jonathan Reiter

Offensive Operations, Pen Testing, and Red Teaming, Penetration Testing and Red Teaming

October 4, 2023

Take The Prerequisite SEC670 Quiz

This ten question quiz will help you in determining if you are ready to take SEC670.

Jonathan Reiter