Think You're Compromised? What Do We Do Next?

Поделиться
HTML-код
  • Опубликовано: 30 июл 2024
  • Join us in the Black Hills InfoSec Discord server here: / discord to keep the security conversation going!
    Reach out to Black Hills Infosec if you need pentesting, threat hunting, ACTIVE SOC, incident response, or blue team services -- www.blackhillsinfosec.com/
    00:00 - Intro
    00:47 - "Ok, But Why"
    02:17 - Have It The Wrong Way
    04:35 - Have It The Right Way
    06:58 - Lego My Incident Response
    08:25 - Monologging On Mute
    11:57 - Wouldn't Be Prudent
    14:29 - "Better Than Bad, It's Good"
    21:33 - A Van Full of Free Tools
    44:10 - CSI: Memory
    45:01 - We Got Cheat Sheets if You Want Some Cheat Sheets
    47:20 - Overlapping Venn Diagrams
    49:46 - Questions in the Wild
    59:15 - Sucking at Capitalism
    In this webcast, we will cover what we can do if we think there is a breach on our network.
    We will cover live forensics, cool PowerShell scripts, network, and event log analysis, cool IR spreadsheets, and checklists.
    We will also be covering the status of our ELK project for reviewing Event ID 3 from Sysmon.
    So, a lot... Yep... A crazy amount.
    Slides for this webcast can be found here: www.blackhillsinfosec.com/wp-...
    Black Hills Infosec Socials
    Twitter: / bhinfosecurity
    Mastodon: infosec.exchange/@blackhillsi...
    LinkedIn: / antisyphon-training
    Discord: / discord
    Black Hills Infosec Shirts & Hoodies
    spearphish-general-store.mysh...
    Black Hills Infosec Services
    Active SOC: www.blackhillsinfosec.com/ser...
    Penetration Testing: www.blackhillsinfosec.com/ser...
    Incident Response: www.blackhillsinfosec.com/ser...
    Backdoors & Breaches - Incident Response Card Game
    Backdoors & Breaches: www.backdoorsandbreaches.com/
    Play B&B Online: play.backdoorsandbreaches.com/
    Antisyphon Training
    Pay What You Can: www.antisyphontraining.com/pa...
    Live Training: www.antisyphontraining.com/co...
    On Demand Training: www.antisyphontraining.com/on...
    Educational Infosec Content
    Black Hills Infosec Blogs: www.blackhillsinfosec.com/blog/
    Wild West Hackin' Fest RUclips: / wildwesthackinfest
    Active Countermeasures RUclips: / activecountermeasures
    Antisyphon Training RUclips: / antisyphontraining
    Join us at the annual information security conference in Deadwood, SD (in-person and virtually) - Wild West Hackin' Fest: wildwesthackinfest.com/
    #bhis #infosec

Комментарии • 4

  • @playmaker1011
    @playmaker1011 4 года назад

    Thank you guys for doing it!

  • @DasMalkavian
    @DasMalkavian 4 года назад +1

    why is there always at least one to dislike something so great?

  • @mohanreddy6778
    @mohanreddy6778 4 года назад

    I knew ur content will be great always, but could you just make the videos a bit short..it always time consuming when we r running out of time.

Следующие
Автовоспроизведение
A Blue Team's Perspective on Red Team Hack Tools1:00:53A Blue Team's Perspective on Red Team Hack Tools
A Blue Team's Perspective on Red Team Hack ToolsBlack Hills Information Security
Просмотров 9 тыс.
Attack Tactics 7: The logs you are looking for54:55Attack Tactics 7: The logs you are looking for
Attack Tactics 7: The logs you are looking forBlack Hills Information Security
Просмотров 8 тыс.
BHIS | Your Free and Open Source EDR Options! | John Strand | 1 Hour1:21:51BHIS | Your Free and Open Source EDR Options! | John Strand | 1 Hour
BHIS | Your Free and Open Source EDR Options! | John Strand | 1 HourBlack Hills Information Security
Просмотров 18 тыс.
Glover (N64) - Angry Video Game Nerd (AVGN)17:04Glover (N64) - Angry Video Game Nerd (AVGN)
Glover (N64) - Angry Video Game Nerd (AVGN)Cinemassacre
Просмотров 697 тыс.
Minecraft but I SAVE The Village... (From Grox)22:02Minecraft but I SAVE The Village... (From Grox)
Minecraft but I SAVE The Village... (From Grox)JoofyLooby
Просмотров 515 тыс.
YouTube Shorts Bingo, but the ENTIRE Board30:02YouTube Shorts Bingo, but the ENTIRE Board
YouTube Shorts Bingo, but the ENTIRE BoardCrispy Concords
Просмотров 364 тыс.
Spending $8,843,815 On The NEW DOPPELGANGER Ability. (Roblox Blade Ball)08:59Spending $8,843,815 On The NEW DOPPELGANGER Ability. (Roblox Blade Ball)
Spending $8,843,815 On The NEW DOPPELGANGER Ability. (Roblox Blade Ball)Foltyn
Просмотров 662 тыс.
Do you think that ChatGPT can reason?1:42:28Do you think that ChatGPT can reason?
Do you think that ChatGPT can reason?Machine Learning Street Talk
Просмотров 24 тыс.
Kerberos & Attacks 1011:00:11Kerberos & Attacks 101
Kerberos & Attacks 101Black Hills Information Security
Просмотров 11 тыс.
Incident Response: Azure Log Analysis19:15Incident Response: Azure Log Analysis
Incident Response: Azure Log AnalysisJohn Hammond
Просмотров 64 тыс.
The SOC Age Or, A Young SOC Analyst's Illustrated Primer | John Strand | 1 Hour1:17:58The SOC Age Or, A Young SOC Analyst's Illustrated Primer | John Strand | 1 Hour
The SOC Age Or, A Young SOC Analyst's Illustrated Primer | John Strand | 1 HourBlack Hills Information Security
Просмотров 24 тыс.
Tales from the Network Threat Hunting Trenches & AI Hunter Demo1:30:44Tales from the Network Threat Hunting Trenches & AI Hunter Demo
Tales from the Network Threat Hunting Trenches & AI Hunter DemoBlack Hills Information Security
Просмотров 17 тыс.
Atomic Purple Team Framework and Life Cycle w/ Kent Ickler & Jordan Drysdale (1-Hour)59:30Atomic Purple Team Framework and Life Cycle w/ Kent Ickler & Jordan Drysdale (1-Hour)
Atomic Purple Team Framework and Life Cycle w/ Kent Ickler & Jordan Drysdale (1-Hour)Black Hills Information Security
Просмотров 4,6 тыс.
Top Hacking Books for 202327:16Top Hacking Books for 2023
Top Hacking Books for 2023David Bombal
Просмотров 363 тыс.
Hacking Windows TrustedInstaller (GOD MODE)31:07Hacking Windows TrustedInstaller (GOD MODE)
Hacking Windows TrustedInstaller (GOD MODE)John Hammond
Просмотров 396 тыс.
Detect Hackers & Malware on your Computer (literally for free)16:38Detect Hackers & Malware on your Computer (literally for free)
Detect Hackers & Malware on your Computer (literally for free)John Hammond
Просмотров 296 тыс.
Отправь знакомому Косицину!🎤🎤 #shorts #slowslowcow #плохиепесни #стендап00:44Отправь знакомому Косицину!🎤🎤 #shorts #slowslowcow #плохиепесни #стендап
Отправь знакомому Косицину!🎤🎤 #shorts #slowslowcow #плохиепесни #стендапslow slow cow
Просмотров 204 тыс.
Ouch.. 🤕00:30Ouch.. 🤕
Ouch.. 🤕Celine & Michiel
Просмотров 6 млн
IQ Level: 1000000:10IQ Level: 10000
IQ Level: 10000Younes Zarou
Просмотров 2,9 млн
ТОКСИКИ #4 | Илья Соболев, Сергей Орлов, Павел Деревянко1:11:09ТОКСИКИ #4 | Илья Соболев, Сергей Орлов, Павел Деревянко
ТОКСИКИ #4 | Илья Соболев, Сергей Орлов, Павел ДеревянкоИлья Соболев
Просмотров 311 тыс.
Стрим Паши Воли 😱 #тнт #shorts #юмор #воля #шоу #павелволя #бустер #бустерстрим #ДилараЗинатуллина00:19Стрим Паши Воли 😱 #тнт #shorts #юмор #воля #шоу #павелволя #бустер #бустерстрим #ДилараЗинатуллина
Стрим Паши Воли 😱 #тнт #shorts #юмор #воля #шоу #павелволя #бустер #бустерстрим #ДилараЗинатуллинаТНТ
Просмотров 1,3 млн
Наказали Перекупа - Больно и Справедливо! || Гнилая схема с KIA RIO26:27Наказали Перекупа — Больно и Справедливо! || Гнилая схема с KIA RIO
Наказали Перекупа - Больно и Справедливо! || Гнилая схема с KIA RIOМаксим Шелков
Просмотров 571 тыс.
Викторина от МАМЫ 🆘 | WICSUR #shorts00:58Викторина от МАМЫ 🆘 | WICSUR #shorts
Викторина от МАМЫ 🆘 | WICSUR #shortsБискас
Просмотров 1,7 млн
PANDAFX vs MAXWELL / КУБОК ФИФЕРОВ 2024 / 3 ТУР20:03PANDAFX vs MAXWELL / КУБОК ФИФЕРОВ 2024 / 3 ТУР
PANDAFX vs MAXWELL / КУБОК ФИФЕРОВ 2024 / 3 ТУРPANDAFX
Просмотров 132 тыс.