How LUCR-3 (Scattered Spider) Orchestrates Identity-Based Attacks Across Environments

Logo
Presented by

Ian Ahl, SVP of P0 Labs, Permiso Security

About this talk

Advanced threat actors are compromising the identity infrastructure of some of the largest organizations in the world with ease. Upon gaining access to the identity provider, they are able to move laterally into Iaas, PaaS, and SaaS environments and steal data - all in the course of 2-3 days. Join Ian Ahl, SVP of P0 labs and former Head of Advanced Practices at Mandiant, as he shares knowledge stemming from responding to hundreds of breaches in his career. Ian will walk through how advanced threat groups target human and non-human identities for compromise, how they maintain persistence in environments, and provide some tips for detecting suspicious and malicious activity in identity providers, cloud service provides, and SaaS applications. He’ll also provide actionable steps security teams can take to prevent breaches or know about them as quickly as possible. Attendees Will Learn: – How advanced threat groups target human and non-human identities for compromise – Tips for detecting suspicious and malicious activity in identity providers, cloud service provides, and SaaS applications – Actionable steps security teams can take to prevent breaches or know about them as quickly as possible
Related topics:

More from this channel

Upcoming talks (1)
On-demand talks (101)
Subscribers (7476)
This channel brings together the leading identity and security vendors and industry experts to regularly educate security leaders on how to reduce risk through identity-centric strategies. For more resources and education on identity-centric security strategies, visit www.idsalliance.org.