Threat Hunting in Active Directory Environments

In financial institutions, complex environments and the constant threat of attack by sophisticated actors are typical. Such environments demand both real-time and historical insight, at scale.
In this video, we’ll show a brief example of threat hunting using Reveal(x) and test the hypothesis: “We will see remote service creation in the PC subnet over the last 7 days.” We’ll explore the Microsoft Remote Procedure Call (MSRPC) protocol and the CreateServiceW function to hunt for indicators of lateral movement or other advanced attack stages like persistence.
#Cybersecurity #FinancialServices #ThreatHunting
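
One way to test the hypothesis above offline, as an added example that is not from the video or from Reveal(x): filter exported MSRPC transaction records for CreateServiceW calls into the PC subnet over the last 7 days. The record fields (`ts`, `client`, `server`, `method`), the subnet 10.20.0.0/16 and the sample records are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta, timezone
from ipaddress import ip_address, ip_network

PC_SUBNET = ip_network("10.20.0.0/16")  # assumption: stand-in for the PC subnet
WINDOW = timedelta(days=7)              # look-back period from the hypothesis

def hunt_remote_service_creation(records, now, subnet=PC_SUBNET, window=WINDOW):
    """Return {(client, server): [timestamps]} for CreateServiceW calls that
    reached a host inside `subnet` during the last `window`."""
    hits = defaultdict(list)
    for r in records:
        ts = datetime.fromisoformat(r["ts"])
        if not (now - window <= ts <= now):
            continue  # outside the hunt window
        if r["method"].lower() != "createservicew":
            continue  # other service-control calls are not service creation
        if ip_address(r["server"]) not in subnet:
            continue  # target is not a PC
        hits[(r["client"], r["server"])].append(ts)
    return dict(hits)

def peer_to_peer(hits, subnet=PC_SUBNET):
    """Pairs where the client is also in the PC subnet: workstation-to-workstation
    service creation, the subset to triage first for lateral movement."""
    return sorted(pair for pair in hits if ip_address(pair[0]) in subnet)

# Constructed sample records (hypothetical schema, not real telemetry).
NOW = datetime(2024, 5, 15, 12, 0, tzinfo=timezone.utc)
SAMPLE = [
    {"ts": "2024-05-14T09:12:00+00:00", "client": "10.20.4.17", "server": "10.20.9.33", "method": "CreateServiceW"},
    {"ts": "2024-05-14T09:12:05+00:00", "client": "10.20.4.17", "server": "10.20.9.34", "method": "CreateServiceW"},
    # client outside the PC subnet, e.g. a management server
    {"ts": "2024-05-13T02:00:00+00:00", "client": "10.1.0.5", "server": "10.20.9.33", "method": "CreateServiceW"},
    # older than 7 days
    {"ts": "2024-05-01T08:00:00+00:00", "client": "10.20.4.17", "server": "10.20.9.40", "method": "CreateServiceW"},
    # not a creation call
    {"ts": "2024-05-14T10:00:00+00:00", "client": "10.20.4.17", "server": "10.20.9.33", "method": "OpenSCManagerW"},
    # server outside the PC subnet
    {"ts": "2024-05-14T11:00:00+00:00", "client": "10.20.4.17", "server": "10.1.0.9", "method": "CreateServiceW"},
]

if __name__ == "__main__":
    hits = hunt_remote_service_creation(SAMPLE, NOW)
    for (client, server), seen in sorted(hits.items()):
        print(f"{client} -> {server}: {len(seen)} CreateServiceW call(s)")
    print("workstation-to-workstation:", peer_to_peer(hits))
```

A non-empty result confirms the hypothesis; pairs whose client is a known deployment or management host can then be baselined out, leaving the workstation-to-workstation pairs for review.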