Taking Hunting to the Next Level: Hunting in Memory - SANS Threat Hunting Summit 2017

  • SANS Digital Forensics and Incident Response
  • 2017-09-26
  • 7655
digital forensics, incident response, threat hunting, cyber threat intelligence, dfir training, dfir, memory forensics

Video description: Taking Hunting to the Next Level: Hunting in Memory - SANS Threat Hunting Summit 2017

The vast majority of threat hunting takes place on easily visible and accessible system artifacts. These include log entries, network data, command line histories, persistence locations, and many other locations on a system or in the environment. Thanks to rule-based approaches and more advanced data analytics, it is relatively easy to detect outliers, surface suspicious artifacts, and discover anomalies on and across endpoints. Current hunt methodologies do a good job finding intrusions and reducing dwell times in many cases, but it still isn’t good enough. Traditional hunting methods don’t address one essential area: in-memory-only attacks.

Today’s sophisticated adversaries are well aware of the challenges in-memory-only methods pose for defensive tools and methods (including threat hunting) and thus increasingly avoid disk during operations. It is generally not possible with today’s tools to perform signature-less analysis of memory at the large scale necessary for effective hunting. Current memory analysis methods usually require collection of very large amounts of data and entail intensive analysis. Memory is largely a place for forensics as opposed to a data source for real threat hunting at the speed and scale necessary for effective detection. We can do better. In this talk, we will describe both common and advanced stealth malware techniques which evade today’s hunt tools and methodologies. Attendees will learn about adversary stealth and understand ways to detect some of these methods. Then, we will demonstrate and release a PowerShell tool which will allow a hunter to automatically analyze memory across systems and rapidly highlight injected in-memory-only attacks across systems at scale. This will help move memory analysis from the domain of forensics to the domain of detection and hunting, allowing hunters to close the detection gap against in-memory threats, all without relying on signatures.

Jared Atkinson (@jaredcatkinson), Defensive Services Technical Lead, Veris Group

Joe Desimone (@dez_), Malware Researcher, Endgame
