Disrupt Attacks at the Endpoint with Attivo Networks - Joseph Salazar - PSW #674

Nov 14 2020 63 mins   17

Attackers have repeatedly demonstrated that they can evade perimeter defenses to compromise a system inside the network. Once they get in, they must break out from that beachhead, conduct discovery, credential theft, lateral movement, privilege escalation, and data collection activities. Suppose they go looking for locally stored files or network shares and instead see nothing of value? What if they query Active Directory and don’t get real credentials in the responses? What if they look for ports or services to attack, and instead, their connections get redirected to systems with no value? If they can’t see and access data or accounts that move them forward, they can’t attack anything of value. Learn how deception and concealment technology can deny, detect, and disrupt attackers when they first enter the network.

This segment is sponsored by Attivo Networks. Visit https://securityweekly.com/attivonetworks to learn more about them!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/psw674