Think You're Compromised? What Do We Do Next?

Join us in the Black Hills InfoSec Discord server to keep the security conversation going!
Reach out to Black Hills Infosec if you need pentesting, threat hunting, ACTIVE SOC, incident response, or blue team services -- www.blackhillsinfosec.com/
00:00 - Intro
00:47 - "Ok, But Why"
02:17 - Have It The Wrong Way
04:35 - Have It The Right Way
06:58 - Lego My Incident Response
08:25 - Monologging On Mute
11:57 - Wouldn't Be Prudent
14:29 - "Better Than Bad, It's Good"
21:33 - A Van Full of Free Tools
44:10 - CSI: Memory
45:01 - We Got Cheat Sheets if You Want Some Cheat Sheets
47:20 - Overlapping Venn Diagrams
49:46 - Questions in the Wild
59:15 - Sucking at Capitalism
In this webcast, we will cover what we can do if we think there is a breach on our network.
We will cover live forensics, cool PowerShell scripts, network and event log analysis, cool IR spreadsheets, and checklists.
We will also be covering the status of our ELK project for reviewing Event ID 3 from Sysmon.
So, a lot... Yep... A crazy amount.
Slides for this webcast can be found here: www.blackhillsinfosec.com/wp-...

Comments: 4

  • @playmaker1011, 4 years ago

    Thank you guys for doing it!

  • @DasMalkavian, 4 years ago

    Why is there always at least one to dislike something so great?

  • @cat19649, 4 years ago

    China

  • @mohanreddy6778, 4 years ago

    I knew your content will be great always, but could you just make the videos a bit short... it's always time consuming when we are running out of time.