Name: TH-3005 Host & Threat Hunting on a Budget
Start: 2019-10-11T13:00:00-0500
End: 2019-10-11T14:00:00-0500

WELCOME TO THE TEXAS CYBER SUMMIT

Back To Schedule

TH-3005 Host & Threat Hunting on a Budget

Feedback form is now closed.

First 100 days, I wanted to make a positive impact on the organization. I get a lay of the land and notice it was a majority Windows shop with no endpoint visibility. I go over how I prove to management and IT Operations when an opportunity presents itself. There is a suspicious beaconing of a known malicious domain. I quickly deploy Sysmon with PowerShell, as WinRM is enabled everywhere. Bam! I find Kovter fileless malware and break down the analysis. Now that I have buy-in, I go over the methods to get quick wins by deploying technologies like Sysmon, OSqeury, turn on auditing and Windows firewalls. I go over the benefits of Sysmon, how to deploy in the environment on a budget I do a post-mortem assessment and what I would have done differently.

Speakers

Leo Bastidas

DFIR/Threat Hunter, Fujitsu

Leo Bastidas started his career as a troubled teen, it's how he ended up working at the local repair shop, fixing PCs. He then joined the military after high school as there were no other options at the time. That is where he started with the Military Police, then quickly pivoted... Read More →

Friday October 11, 2019 1:00pm - 2:00pm CDT
BONHAM 3-D | Expert 2 600 E Market St, San Antonio, TX Floor 3

Intermediate, Packet Captures

Texas Cyber Summit II

Leo Bastidas

Attendees (60)

Texas Cyber Summit II

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Leo Bastidas

Attendees (60)