Attacking and Defending AD Workshop

How do you defend Active Directory, aka the “keys to the kingdom,” if you don’t know where the attacks are coming from? Hackers constantly find new ways to break into AD. In this workshop, we’ll demonstrate real-world attacks that are frequently used against AD, including credential theft, Kerberos-based attacks, Group Policy-based attacks, and ACL attacks. The expert presenters will play out both perspectives: attacker and defender. This is a red vs. blue standoff, so don’t expect a bunch of slideware. During this workshop, we will demonstrate: -Ways that hackers can exploit AD in every stage of the cyber kill chain -Common AD hacking and discovery tools such as Mimikatz, PowerSploit, and BloodHound -Proactive steps to identify vulnerabilities in your AD configuration -Strategies to harden your AD so that hackers don’t have an easy path to Domain Admins Attacker: Andy Robbins is an active red teamer, Technical Architect at SpecterOpsan and co-author of BloodHound, a tool designed to reveal the hidden and unintended permission relationships in Active Directory domains. He has performed numerous red team operations and penetration tests against banks, credit unions, health-care providers, defense companies, and other Fortune 500 companies across the world. He has presented at DEF CON, BSides Las Vegas, DerbyCon, ekoparty, and actively researches Active Directory security. He is also a veteran Black Hat trainer. Defender: Darren Mar-Elia, VP of Product at Semperis. A 14-year Cloud and Datacenter Microsoft MVP, Darren has a wealth of experience in Identity and Access Management and was the CTO and founder of SDM software, a provider of Microsoft systems management solutions. [CPE Credits] You are eligible for CPE Credits. Download your Viewing Certificate from BrightTALK. Speakers: Andy Robbins, Technical Architect, SpecterOps &Co-Creator, BloodHound Darren Mar-Elia, VP of Product, Semperis