homepage
Open menu
Talk with an expert

Threat Hunting via DeepBlueCLI v3

  • Thursday, 29 Jun 2023 1:00PM EDT (29 Jun 2023 17:00 UTC)
  • Speaker: Eric Conrad

Every incident ends with a lessons learned meeting, and most executive summaries include this bullet point: "Leverage the tools you already paid for"

Are you leveraging the tools you already paid for? Are you using the host-based firewall to block/alert when applications like PowerShell, PSExec, and WMIC attempt to make outbound connections from non-IT clients? Have you enabled AppLocker?

DeepBlueCLIv3 will go toe-to-toe with the latest attacks, analyzing the evidence malware leaves behind, using built-in capabilities such as Windows command line auditing, PowerShell, and Sysmon logging. This talk will focus on the latest updates to DeepBlueCLI, including detecting Impacket and WMI-based attacks, C2 frameworks such as Sliver, password spraying, process injection, event log manipulation, and more.

Login to Register

Related Content

Blog
Why SANS - Blog - Zero Trust - Zero Trust Network Architecture- Ready for Prime Time__340 x 340.jpg
Cyber Defense
Zero Trust Network Architecture: Ready for Prime Time?
This infographic outlines the principles of implementing a Zero Trust architecture by focusing on strategies like micro-segmentation and continuous authentication.For a deeper dive into these topics, download the SANS Zero Trust Strategy Guide and watch the YouTube video to gain actionable...
SANS_social_88x82.jpg
SANS Institute
read more
Blog
Why SANS - Blog - Critical Infrastructure - Supply Chain Attacks- Why Security Leaders Must Act Now_340 x 340.jpg
Cyber Defense
Fortifying the Supply Chain: Strategies for Modern Security Challenges
This infographic emphasizes securing the supply chain against modern threats by distinguishing supply-chain risks from internal risks and recommending best practices for managing external dependencies.For a deeper dive into these topics, download the ICS Strategy Guide and watch the YouTube video...
SANS_social_88x82.jpg
SANS Institute
read more
Blog
Top_10_SANS_Summits_Talks_of_2021.png
Cybersecurity Insights, Digital Forensics, Incident Response & Threat Hunting, Cyber Defense, Cloud Security, Open-Source Intelligence (OSINT), Cybersecurity Leadership, Security Awareness, Artificial Intelligence (AI)
Top 15 SANS Summit Talks of 2023
This year, SANS hosted 16 Summits with 209 talks. Here were the top-rated talks of the year.
370x370-person-placeholder.png
Alison Kim
read more