Tips, Tricks, and Cheats Gathered from Red vs. Blue Team-Based Training

  • Webcast Aired Tuesday, 23 Jul 2019 1:00PM EDT (23 Jul 2019 17:00 UTC)
  • Speakers: Ed Skoudis, Joshua Wright

Last month, SANS launched its first Team-Based Training course, pitting some of the world's finest blue teamers against very determined adversaries. And, gosh, did we learn a lot from the battle: awesome tips, tricks, and cheats that YOU can utilize right away to better defend your own environment. During this webcast, we'll share some of the most useful, practical, and directly applicable lessons learned. For example, in many organizations, the ops team captures logs, but, sadly, these logs are rarely reviewed at any sort of depth. Let's face it: Analyzing Windows system log activity across an enterprise is hugely daunting. But we all know that it can also be a terrific opportunity to detect the presence of evil in your environment. Join Ed and Josh as they review the results of the most recent SANS red vs. blue training, and the power of free Windows host-based analysis tools DeepBlueCLI and LogonTracer as simple yet highly effective mechanisms to detect bad actors in your network.