SANS - SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses
Erik Van Buggenhout, Stephen Sims | Duration: 24h+ | Video: H264 1280x720 | Audio: AAC 32 kHz mono | 2,70 GB | Language: English

Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses will arm you with the knowledge and expertise you need to overcome today's threats.


Recognizing that a prevent-only strategy is not sufficient, we will introduce security controls aimed at stopping, detecting, and responding to your adversaries through a purple team strategy.

The topics to be addressed include:

Leveraging MITRE ATT&CK as a "common language" in the organization

Building your own Cuckoo sandbox solution to analyze payloads

Developing effective group policies to improve script execution (including PowerShell, Windows Script Host, VBA, HTA, etc.)

Highlighting key bypass strategies for script controls (Unmanaged PowerShell, AMSI bypasses, etc.)

Stopping 0-day exploits using ExploitGuard and application whitelisting

Highlighting key bypass strategies in application whitelisting (focus on AppLocker)

Detecting and preventing malware persistence

Leveraging the Elastic stack as a central log analysis solution

Detecting and preventing lateral movement through Sysmon, Windows event monitoring, and group policies

Blocking and detecting command and control through network traffic analysis

Leveraging threat intelligence to improve your security posture


