This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
Here’s the schedule for this year. Registering here does not count. You MUST register to attend any of these. You may register here: https://www.bsidesslc.org/registration.html

You cannot manually add workshops to your schedule. You need to go register for them at https://www.bsidesslc.org/signup.html, and then the workshp will be added to your schedule.
View analytic
Friday, March 10 • 1:30pm - 2:30pm
Windows Credential Attacks, Mitigation, and Defense
Feedback form is now closed.
Windows credentials are arguably the largest vulnerability affecting the modern enterprise.  Credential harvesting is goal number one post-exploitation, and hence it provides an appealing funnel point for identifying attacks early in the kill chain.  Unfortunately, credentials are diverse and numerous in Windows, and so are the attacks.  With significant credential theft mitigations released in Win8.1, Win10 and Server 2012/2016, both red and blue teams require an enhanced understanding of Windows credentials.  Red teamers may suddenly find their favorite techniques obsolete, while the blue team needs to take advantage of available mitigation techniques as soon as possible.  Credential types, attack tools, and mitigation will all be discussed, giving insight into both sides of the equation.


Chad Tilbury

Technical Director, CrowdStrike
Chad has been conducting incident response and forensic investigations since 1998. As Technical Director for CrowdStrike, he provides technical leadership for the services team, driving innovation to support customers in IR, remediation, forensic support, penetration testing, and compromise assessment. Chad is a Senior Instructor at the SANS Institute and co-author of the FOR408 and FOR508 courses.

Friday March 10, 2017 1:30pm - 2:30pm
Track 3 Salt Palace Convention Center

Attendees (29)

Twitter Feed