Active Countermeasures Webcasts
Video archive recordings of our live webcasts.
Network Threat Hunting Runbook
We all know what threat hunting is in general terms; its when we actively search our network for compromised systems. But what does that mean exactly and what process should we be following? Can I simply check network traffic to see if the evil bit is set, or is there a bit more to it than that?
In this webcast we walk you through the methodology of doing a network threat hunt. We talk about what steps to perform and in what order. We also look at some of the tools and online resources you can leverage to expedite the process. In short, this Webcast is a runbook you can leverage for validating the integrity of each of your internal endpoints.
Additionally, we have documented some of what is covered in this webcast as a reference in our blog post: How to Threat Hunt Your Network.
Threat Hunting Beacon Analysis
Join Chris Brenton, COO of Active Countermeasures, as he discusses the anatomy of beacons and why you need to be looking for them during a threat hunt. He also talks through the challenges of detecting beacons, and some tricks you can use.
Attack Tactics: Part 4
For this next installment of the Attack Tactics series, John Strand looks at cloud security defenses. In the previous webcast, we covered the tools Black Hills Information Security (our sister company) uses to attack cloud-based two-factor authentication and turn cloud services against each other for password spraying. We also cover how we can create cloud malware to ex-filtrate data. Watch now to learn more about how to stop these kinds of attacks.
Attack Tactics: Part 3
For this next installment of our Attack Tactics webcast series, John Strand looks at an environment that had no Active Directory. This is odd, but it’s becoming more and more common for new companies to have everything in the “cloud” and BYOD. This is also a great case-study on how to access services like Git, Slack, Gsuites, Salesforce and so on, because even if you are still using AD, you WILL be moving to the cloud. This webcast is for everyone. Finally, as testers, we need to evolve our testing to be able to successfully test these cloud services. This means we all need to up our game and be ready for the next round of cloud-based enterprise technologies!
Attack Tactics: Part 2
This is the second part of John’s series about Attack Tactics. In the first part we discussed how we’d attack. Now, we cover the same attack, but this time we are covering the defensive components the organization could have implemented to stop us every step of the way.
“We cover event logs, new vendors, SIEM, UBEA and yes… I hate to say it… Cyber Kill Chain. Remember, the goal is to make your next pentester cry; to make hackers give up and most importantly to have puppies and kittens everywhere love you.” – John
Attack Tactics: Part 1
John Strand is starting a new series of webcasts called Attack Tactics. This first part is a step-by-step walk-through of an attack BHIS launched against a customer, with just a few obfuscating tweaks. He covers the tools, how we used them and any other tricks we had to pull out for the attack. The second will be co-hosted by our sister company Active Countermeasures and will go through the defensive side. Stay tuned for more details about that!