The Detection Series: Credential access

Red Canary
Credential Access (TA0006) is a key component of nearly every intrusion. Adversaries leverage the tactic to steal usernames, passwords, and tokens that they then use to gain access to systems, evade detection, and create additional accounts for further abuse. OS Credential Dumping (T1003) and sub-techniques like LSASS Memory (T1003.001) offer adversaries tried-and-true methods of gaining access to legitimate user accounts and systems—and are among the primary methods of credential access and credential dumping that we’ll examine.

If you like to read along with your video, check out the companion blog: redcanary.com/blog/credential-access/

In this hour-long webinar, experts from CrowdStrike, MITRE ATT&CK®, and Red Canary will provide insight into:

- Common ways that adversaries abuse credential access
- Tools and log sources that collect relevant telemetry
- How to detect, mitigate, and respond to credential access techniques
- Strategies for testing your security controls by emulating suspicious credential access activity with Atomic Red Team

As your security ally, Red Canary enables your team to focus on the highest priority security issues impacting your business. By removing your need to build and manage a threat detection operation, we help you focus on running your business securely and successfully. Our Managed Detection and Response, or MDR, delivers threat detection, hunting, and response—driven by human expert analysis and guidance—applied across your endpoints, cloud, and network security.

Subscribe to our YouTube channel for frequently updated (though not overbearing), how-to content about Atomic Red Team, threat hunting in security operations, MDR or Managed Detection and Response, and using the MITRE ATT&CK framework.

#mdr | #RedCanary | #MITREATTACK
Published 2 years ago, on 1401/10/28.
Viewed 1,507 times