Lateral Movement for the Blue Team

Presented at DerbyCon 7.0 Legacy (2017), Sept. 22, 2017, 5 p.m. (55 minutes)

"If i get accepted i want to change this description to something less formal and more comic but here is what i have now: After obtaining an initial foothold on an environment, sophisticated attackers need to embark in lateral movement tasks in order to be successful in identifying and exfiltrating sensitive information. Being a buzzword, LM is sometimes perceived as a magical thing attackers perform as part of a breach without really understanding it. As defenders, we need to have a clear understating on how LM can be achieved. This presentation will describe how an attacker can perform lateral movement and what can cyber defenders do to prevent and detect it." Peruvian, Infosec Geek who started as a pentester and is currently in the Blue team at a financial services in New York. @mvelazco

Presenters:

• Mauricio Velazco

Links:

• https://www.derbycon.com/friday-schedule/#event-42

Similar Presentations:

• DerbyCon 8.0 Evolution (2018) / The Layer2 Nightmare
• Black Hat USA 2017 / The Industrial Revolution of Lateral Movement
• GrrCON 2014 / Advanced Threats and Lateral Movement Protection