Logging Pitfalls and How to Abuse Them - Kevin Kaminski, Michael Music (BSides Tampa 2019) (Hacking Illustrated Series InfoSec Tutorial Videos)

Logging Pitfalls and How to Abuse Them
Kevin Kaminski, Michael Music
BSides Tampa 2019

Abstract: You cannot defend from what you cannot see. A lack of proper logging from endpoints, servers, and security appliances is a widespread issue for companies in every industry. We will outline the most common logging gaps, mistakes, and misconfigurations that we've seen and how an attacker can abuse them. This can include identifying what exactly the blue team will not see, and how knowledge of the shortcomings can allow attackers to evade the blue team or generally be more lazy and comfortable in their attack. We will also offer insight on how to solve these common problems from a high level.

Bio: Kevin Kaminski has been working at ReliaQuest for 4 years, currently as the Threat Management R&D Lead. He currently works researching the latest threat behaviors and tools in the wild, how they can be detected with enterprise technologies, and how the logs can be correlated in SIEM solutions to provide actionable intelligence. Michael Music is a USF Computer Science graduate and currently works on ReliaQuest's Threat Management team. He is currently researching automated threat emulation, red teaming, and how red teams can enhance an organization's security.


    Copyright 2019, IronGeek