All times are in Pacific Daylight Time (UTC-0700).

  • Track: ShellCon U (Beacon): Friday 10/11 @ 1330-1450 PDT

Sponsored by: SANS Institute

This training session will have a sneak preview of SANS’ new Security 699: Advanced Threat Emulation and Attack Simulation.

After a brief introductory lecture on the scenario, it will be primarily hands-on attack emulation and testing of defensive controls. This scenario is based off observed Tactics, Techniques, and Procedures (TTPs) attributed to the group known as APT-30. We will simulate a selection of these TTPs against an environment that includes Azure AD and third-party Active Directory integrations. This session will have participants testing defenses against real-world attacks. Participants need to bring a laptop with VMware or Virtualbox to run a single VM (provided) that interacts with the target environment (also provided).

Attack Highlights:

  • Modern Spearphishing with PDFs
  • Lateral Movement in the enterprise
  • Malware driven Command and Control

SANS Institute

James Shewmaker has over 20 years of technical experience in IT, primarily developing appliances for automation and security for broadcast radio, internet, and satellite devices. He is the founder and principal consultant at Bluenotch Corporation, Long Beach, California, which provides customized security services focusing on investigations, penetration testing, and analysis...

Read More

linkedin Jim Shewmaker

© 2021 ShellCon