Attacking and Defending AD Workshop

Presented by

Andy Robbins, Technical Architect, SpecterOps & Co-Creator, BloodHound + Darren Mar-Elia, VP of Product, Semperis"

About this talk

How do you defend Active Directory, aka the “keys to the kingdom,” if you don’t know where the attacks are coming from? Hackers constantly find new ways to break into AD. In this workshop, we’ll demonstrate real-world attacks that are frequently used against AD, including credential theft, Kerberos-based attacks, Group Policy-based attacks, and ACL attacks. The expert presenters will play out both perspectives: attacker and defender. This is a red vs. blue standoff, so don’t expect a bunch of slideware. During this workshop, we will demonstrate: -Ways that hackers can exploit AD in every stage of the cyber kill chain -Common AD hacking and discovery tools such as Mimikatz, PowerSploit, and BloodHound -Proactive steps to identify vulnerabilities in your AD configuration -Strategies to harden your AD so that hackers don’t have an easy path to Domain Admins Attacker: Andy Robbins is an active red teamer, Technical Architect at SpecterOpsan and co-author of BloodHound, a tool designed to reveal the hidden and unintended permission relationships in Active Directory domains. He has performed numerous red team operations and penetration tests against banks, credit unions, health-care providers, defense companies, and other Fortune 500 companies across the world. He has presented at DEF CON, BSides Las Vegas, DerbyCon, ekoparty, and actively researches Active Directory security. He is also a veteran Black Hat trainer. Defender: Darren Mar-Elia, VP of Product at Semperis. A 14-year Cloud and Datacenter Microsoft MVP, Darren has a wealth of experience in Identity and Access Management and was the CTO and founder of SDM software, a provider of Microsoft systems management solutions. [CPE Credits] You are eligible for CPE Credits. Download your Viewing Certificate from BrightTALK. Speakers: Andy Robbins, Technical Architect, SpecterOps &Co-Creator, BloodHound Darren Mar-Elia, VP of Product, Semperis

Related topics:

More from this channel

Upcoming talks (1)
On-demand talks (98)
Subscribers (2677)
Semperis is the pioneer of identity-driven cyber resilience for cross-cloud and hybrid environments. The company provides cyber preparedness, incident response, and disaster recovery solutions for enterprise directory services—the keys to the kingdom. Semperis’ patented technology for Microsoft Active Directory protects over 40 million identities from cyberattacks, data breaches, and operational errors. Semperis is headquartered in New York City and operates internationally, with its research and development team distributed between San Francisco and Tel Aviv. Semperis hosts the award-winning Hybrid Identity Protection conference. The company has received the highest level of industry accolades; most recently being named Best Business Continuity / Disaster Recovery Solution by SC Magazine’s 2020 Trust Awards. Semperis is accredited by Microsoft and recognized by Gartner. Join our next HIP Conference: https://bit.ly/3q6JUbD