자격증명(Credential Attack) 공격에 대한 Network Defender 가이드

Wednesday, 14 Sep 2022 11:30AM SST (14 Sep 2022 03:30 UTC)
Speaker: Steve Anson

전통적인의미의네트워크경계선이사라지면서이제네트워크방어는기본사항이되어연결되어있는모든리소스들은인증여부에많은의존하고있습니다. 하지만최근에공격자들은모든유형의크리덴셜(자격증명)을도용하고재사용에상당히능숙하여보안팀에서도정상/비정상을구별해내기가상당히어렵습니다.이번특강에서는내부/외부망및클라우드등최신네트워크환경에서의자격증명에대한공격기법및방어에대해서자세히알아볼예정입니다.

보안분야 20년이상의경력및 SANS 공인강사인 Steve Anson은 IT보안솔루션전문기업인 Forward Defense의이사로, 사고대응, 디지털포렌식및네트워크보안분야에서다양한글로벌고객에게전략적및전술컨설팅서비스를제공합니다.보안전문서적인‘Applied Incident Response’ 의저자이며, ‘Mastering Windows Network Forensics and Investigations’ 의공동저자이고, 지금까지전세계 60개이상의국가들에게사이버보안전문컨설팅및디지털포렌식서비스를제공해온보안전문가입니다.

또한, 미연방수사국(Federal Bureau of Investigation)의태스크포스요원이자국방범죄수사국(Defense Criminal Investigative Service)의특수요원으로서국가안보및시민들의안전과연관된일련의사건들에대한디지털포렌식, 네트워크분석, 국내외사이버테러, 사기및아동범죄조사등수많은사이버범죄들의수사를진행한베테랑입니다.

English

Since the traditional network perimeter has disappeared, network defense increasingly relies upon authenticated access to resources as a primary security control. Unfortunately, attackers have become extremely proficient at stealing and reusing credentials of all types, resulting in stealthy attacks that blend in with normal network activity. This talk will explain how these attacks are possible on premise, in the cloud, and across the Internet with a goal of understanding how to prevent and detect them in your environment.

Steve Anson is a Director with Forward Defense, where he provides strategic and tactical advice to a diverse range of global clientele in the areas of incident response, digital forensics, and network security. Steve is the author of Applied Incident Response and the co-author of Mastering Windows Network Forensics and Investigations, both released by Wiley Publishing. Steve has provided cyber security and digital investigation services for over 20 years in more than 60 countries.

As a task force agent for the Federal Bureau of Investigation and a special agent with the Defense Criminal Investigative Service, Steve conducted digital forensic examinations and led complex computer crime investigations into network intrusions, international espionage, domestic and international terrorism, fraud, crimes against children and other cases involving national security and imminent danger to life.

*You can also register to view this webcast recording in English

View English Recording >

Login to Register

Related Content

Security Awareness, Cybersecurity Leadership, Cloud Security, Open-Source Intelligence (OSINT), Industrial Control Systems Security, Digital Forensics, Incident Response & Threat Hunting, Cybersecurity and IT Essentials, Cyber Defense, Offensive Operations, Pen Testing, and Red Teaming, Artificial Intelligence (AI)

A Visual Summary of SANS New2Cyber Summit 2024

Check out these graphic recordings created in real-time throughout the event for SANS New2Cyber Summit 2024

Cyber Defense, Digital Forensics, Incident Response & Threat Hunting, Industrial Control Systems Security, Penetration Testing and Red Teaming

January 29, 2024

A Visual Summary of SANS CTI Summit 2024

Check out these graphic recordings created in real-time throughout the event for SANS CTI Summit 2024

Cybersecurity Insights, Digital Forensics, Incident Response & Threat Hunting, Cyber Defense, Cloud Security, Open-Source Intelligence (OSINT), Cybersecurity Leadership, Security Awareness, Artificial Intelligence (AI)

December 18, 2023

Top 15 SANS Summit Talks of 2023

This year, SANS hosted 16 Summits with 209 talks. Here were the top-rated talks of the year.