It has been a time-honored folklore tradition, from Bram Stoker all the way down to "Buffy the Vampire Slayer", that a vampire must FIRST be invited in to enter your home. At the end of 2020, the worst supply chain attack in memory meant that 18,000 companies unknowingly invited digital vampires to enter their networks and feast on their intellectual property.
Given that sophisticated actors will continue such attacks, how can you use covert countermeasures to flag unusual and malicious behavior, then investigate and respond to stop them before they breach your network?
In this talk, we will use the SUNBURST backdoor exploit as a backdrop, since the majority of the IOCs were network-visible (domains, subdomains and IP addresses).
We will conclude with how to use Network Detection and Response (NDR) as a cross and Endpoint Detection and Response (EDR) as a wooden stake to stop advanced threats.