homepage
Open menu
Contact Sales

Threat Hunting via DeepBlueCLI v3

  • Thursday, 29 Jun 2023 1:00PM EDT (29 Jun 2023 17:00 UTC)
  • Speaker: Eric Conrad

Every incident ends with a lessons learned meeting, and most executive summaries include this bullet point: "Leverage the tools you already paid for"

Are you leveraging the tools you already paid for? Are you using the host-based firewall to block/alert when applications like PowerShell, PSExec, and WMIC attempt to make outbound connections from non-IT clients? Have you enabled AppLocker?

DeepBlueCLIv3 will go toe-to-toe with the latest attacks, analyzing the evidence malware leaves behind, using built-in capabilities such as Windows command line auditing, PowerShell, and Sysmon logging. This talk will focus on the latest updates to DeepBlueCLI, including detecting Impacket and WMI-based attacks, C2 frameworks such as Sliver, password spraying, process injection, event log manipulation, and more.

Login to Register

Related Content

Blog
CD - Blog - Eight Essential Lessons for Resilient Supply Chain Security_340 x 340.jpg
Cybersecurity Leadership, Cyber Defense
Eight Essential Lessons for Resilient Supply Chain Security
Tony Turner, SEC547 course author, shares his insights on building a secure product supply chain.
Tony_Turner_340x340.png
Tony Turner
read more
Blog
N2C - Blog - Allianz Cyber Talent Academy - The First Foundation to Bridge the Cybersecurity Skills Shortage_340 x 340.jpg
Cyber Defense
Allianz Cyber Talent Academy - The First Foundation to Bridge the Cybersecurity Skills Shortage
50 graduates received their Allianz Cyber Talent Academy certifications on June 4th from SANS Institute in Munich, supported by Allianz.
SANS_social_88x82.jpg
SANS Institute
read more
Blog
SANS Blog
Cybersecurity and IT Essentials, Cyber Defense
Becoming an All-Around Defender: Social Engineering Your Way to Success
You’ve got the technical skills, now learn the soft skills you need to go even further in your career.
Michelle Petersen
read more