ShellCon Schedule Registration Venue Workshops Talks Villages Veterans Sponsor Events
RaiseMe Career Hall Talks Sponsorships Salute! Testimonials Job Board
About Photo Policy Code of Conduct Who We Are Contact Archives
Twitter Facebook LinkedIn Instagram
YouTube Twitch Discord

All times are in Pacific Daylight Time (UTC-0700).

SANS Exercises in Tactical Attack and Defense - Purple Team Scenarios
  • Track: ShellCon U (Beacon): Friday 10/11 @ 1500-1620 PDT

Sponsored by: SANS Institute

This training session will have a sneak preview of SANS’ new Security 699: Advanced Threat Emulation and Attack Simulation.

After a brief introductory lecture on the scenario, it will be primarily hands-on attack emulation and testing of defensive controls. This scenario is based off observed Tactics, Techniques, and Procedures (TTPs) attributed to the group known as APT-30. We will simulate a selection of these TTPs against an environment that includes Azure AD and third-party Active Directory integrations. This session will have participants testing defenses against real-world attacks. Participants need to bring a laptop with VMware or Virtualbox to run a single VM (provided) that interacts with the target environment (also provided).

Attack Highlights:

  • Modern Spearphishing with PDFs
  • Lateral Movement in the enterprise
  • Malware driven Command and Control

SANS Institute

Jim Shewmaker

James Shewmaker has over 20 years of technical experience in IT, primarily developing appliances for automation and security for broadcast radio, internet, and satellite devices. He is the founder and principal consultant at Bluenotch Corporation, Long Beach, California, which provides customized security services focusing on investigations, penetration testing, and analysis to...

Read More

linkedin Jim Shewmaker

© 2023 ShellCon