DEF CON 2020 Red Team Village Talk - Breaking The Attack Chain

Despite the rising tide of security maturity, targeted attack chains are often successful due to systemic weaknesses in how modern IT administrators and blue teams operate. This talk focuses on the attacker's perspective on how common attack chains can be stopped before they spiral out of control. We hear from two deeply experienced red team operators whose passion for attacking modern enterprise environments has yielded a great many instructive successes (and failures). This conversation addresses tactics and techniques from successful red team engagements as well as specific countermeasures that would hamstring these attack chains.

Read more from Matt Eidelberg:

Digging Your Talons In – New Take On Password Guessing

ATT&CK Series: Lateral Movement Techniques

It’s Not Always About the Perimeter – A Look at Domain Reconnaissance

Matthew Eidelberg
Engineering Fellow | Optiv

Matthew Eidelberg is an Engineering Fellow in Optiv’s Threat Management Team (Attack and Penetration specialization). His primary role focuses on leading Threat Management’s Adversary Simulation Services, which address physical, red/purple team, and other advanced assessments. Matthew’s expertise also involves research development, with a focus on new techniques and tooling for endpoint security bypass and evasion.

Corey Ham
Principal Consultant in Advisory Services | Optiv

Corey Ham is a principal consultant in Optiv's advisory services practice on the attack and penetration team. Corey specializes in adversary simulation, penetration testing, and OT/ICS testing. Corey's primary role is to deliver client projects and research.