BHIS’ Defensery Driven Duo Delivers Another Delectable Transmission!

We know you are worried about your networks. After hours of discussion, we’ve come to the realization that some of our dedicated followers seem to be much more interested in catching malware than learning how to be (please forgive this next statement) “l33t hax0rs.”

Download slides: https://www.activecountermeasures.com/presentations/

2:47 – Why Are We Doing This?

5:07 – AT7: The Logs You Are Looking For

7:41 – AD Best Practices to Frustrate Attackers

9:37 – AT 5 – Complete Takedown & AT 6 – IOCs

12:04 – Blue Team-A-Palooza

14:22 – Windows Logging, Sysmon, and ELK – Part 1

16:45 – Implementing Sysmon and Applocker

21:45 – …And Group Policies That Kill Kill-Chains

22:31 – Here Are Some Important Blogs

23:35 – Summary Complete

25:28 – Introducing the Atomic Red Team

27:50 – Installing the Atomic Framework

29:29 – Squibbly Doo; The Results; Let’s Take A Step Back: The Atomic Tests; Another Step Back: WEF / Winlogbeat Config

33:41 – Executing T1015; Catching Executables; Executin...