Common Persistence Strategies - Emulating, Preventing, and Detecting



Get a preview of material directly from SANS SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses.

 

There are many stages in the attack lifecycle in which we can detect or prevent an (advanced) attacker from getting closer to their final objectives. One thing we always come across however is that the attacker likes to persist in your environment, be it for two days, two months, or two years. It is important from a blue team perspective to understand the techniques employed by the attackers to remain in your environment for a longer period of time. In this follow-up webcast to Finding the Hidden Visitor - Persistence Mechanisms to Look Out For, we will do a review of the most commonly used persistence mechanisms and provide some examples on how they are used by attackers, as well as how they try to prevent detections by combining tactics.

Speaker and Presenter Information

Michel Coene

Relevant Government Agencies

Other Federal Agencies, Federal Government, State & Local Government

Members who viewed this event also viewed:


Event Type
Webcast


When
Wed, Sep 14, 2022, 10:00am ET


Cost
Complimentary:    $ 0.00


Website
Click here to visit event website


Organizer
SANS Institute


Contact Event Organizer



Return to search results