Sponsored by: SANS Institute
This training session will have a sneak preview of SANS’ new Security 699:
Advanced Threat Emulation and Attack Simulation.
After a brief introductory lecture on the scenario, it will be primarily
hands-on attack emulation and testing of defensive controls. This scenario is
based off observed Tactics, Techniques, and Procedures (TTPs) attributed to the
group known as APT-30. We will simulate a selection of these TTPs against an
environment that includes Azure AD and third-party Active Directory
integrations. This session will have participants testing defenses against
real-world attacks. Participants need to bring a laptop with VMware or
Virtualbox to run a single VM (provided) that interacts with the target
environment (also provided).
- Modern Spearphishing with PDFs
- Lateral Movement in the enterprise
- Malware driven Command and Control