This highly technical talk will showcase modern intrusion techniques, and how to defend against them. The talk focuses on a number of modern techniques red teams (and real adversaries) use for initial access and persistence, in primarily cloud and hybrid-based environments.
Showcasing, modern phishing, payload delivery, password spraying, credential and (session) token stealing techniques, abusing device enrollment and how to maintain access in a target environment. For each attack technique there will be a defensive rundown, showing how to detect and protect against the techniques.
This talk will be Eirik Sveen. Eirik is a senior security consultant that specializes in red teaming, adversary simulation and infrastructure security. Eirik loves (responsibly) breaking into target companies, and thrives by combining clever social engineering with modern phishing and payload delivery techniques.
Eirik has worked with large to medium-sized projects in network and IT infrastructure, specializing in red teaming and penetration testing of Active Directory and Azure-based enterprise solutions.
He has several years of experience from network operations and incident response at a managed service provider, a position that gave him a deep understanding of the importance of internal and external network security. Eirik is well knowen speaker and and he's one of the hosts of 5H3LLcast, a Norwegian security related podcast.
Do not miss this session if want to understand the modern Intrusion Techniques and get a jump start to protect your systems!