$400 Amazon Gift Card with OnDemand Training through March 10 - Learn More!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

SEC599: Defeating Advanced Adversaries – Discover what’s NEW in Purple Team….Latest course updates!

  • Wednesday, May 22, 2019 at 10:30 AM EDT (2019-05-22 14:30:00 UTC)
  • Erik Van Buggenhout

You can now attend the webcast using your mobile device!



What is purple teaming? How can Red and Blue teams, not only co-exist, but strengthen each other and thrive? SEC599 was released back in March 2018 and Erik Van Buggenhout has completed the first MAJOR update. Do you want to know how to leverage MITRE ATT&CK? What baseline controls should you implement to have an effective cyber security posture? If these are questions that frequently come to mind, look no further! Weve doubled down on your feedback and added even more to an already very comprehensive course:

  •  AMSI bypasses in Windows 10
  • In-depth coverage of Exploit Guard and its exploit mitigation techniques
  • MITRE ATT&CK framework and how it can be leveraged in your organization
  • Deep-dive on Kerberos security issues and how they can be defended against (Silver tickets, Golden tickets, & Skeleton Key)
  • Effective ways of detecting on MS-DRS replication attacks (DCSync & DCShadow)

Are you considering taking SEC599? Join us on this webcast for an overview of additions and Q&A with the authors!

Speaker Bio

Erik Van Buggenhout

Erik Van Buggenhout is the lead author of SEC599 - Defeating Advanced Adversaries and SEC699 - Purple Team Tactics. In addition to SEC599 and SEC699, Erik teaches SEC560 - Network Penetration Testing & Ethical Hacking and SEC542 - Web Application Penetration Testing & Ethical Hacking. In addition to his work with SANS, Erik is the co-founder of Belgian cyber security firm NVISO. Together with his team of 70+ technical experts, Erik delivers a wide array of technical security services, including penetration testing, security monitoring & incident response.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.