SOLARWINDS – A SANS Lightning Summit
This hour-and-a-half-long Lightning Summit will feature six different 10-minute talks from SANS instructors across various disciplines.
It has been over a month since SolarWinds made public that it was breached and a backdoor known as SUNBURST had been inserted into its flagship product. During the last month, the information security community has come together to share and learn about how to defend against this attack. In this SANS Lightning Summit, SANS instructors will present lightning talks summarizing some of the key lessons learned.
The compromised SolarWinds Orion platform is at the heart of many organizations. It monitors and manages enterprise infrastructure. The platform has full access to all managed assets. This made the backdoor attackers introduced into SolarWinds Orion a worst-case scenario supply chain attack. The attack started as early as March but was not detected until December, which provided ample time for attackers to roam and compromise the networks managed by SolarWinds Orion.
You will learn:
- about the larger concern of supply chain attacks
- how others have approached it (good and bad)
- what you may have missed about SolarWinds/Sunburst
- what it means to have a trust compromise and how to recover
- how you are able to protect yourself or detect compromise
Talks include:
- Overview and Intro - Rob Lee, FOR508 Advanced Incident Response Author and Instructor
- KEY CTI Takeaways - Katie Nickels, FOR578 Cyber Threat Intelligence Instructor
- Hunting and incident response key takeaways from the field - Mark Bristow, ICS515: ICS Active Defense and Incident Response Instructor
- Takeaways from SolarWinds Malware Analysis and why it is important - Evan Dygert, FOR610 Malware Analysis Instructor
- Best and Worst organizational approaches to SolarWinds/SunBurst Incident (Detection, Response, Remediation). Rating effective hunting approaches for SolarWinds. - Mike Murr
- Blue Team Approaches in Preventing and Detection of SolarWinds in the Future - John Hubbard, SEC450: Blue Team Fundamentals: Security Operations and Analysis Author and Instructor
- Beyond SolarWinds: What we need to learn about supply chain attacks NOW. - Dr. Johannes Ullrich, Internet Storm Center Lead
SANS is the most trusted and by far the largest source for information security training and security certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet's early warning system - the Internet Storm Center.
Video "SOLARWINDS – A SANS Lightning Summit" from the SANS Institute channel