Back To Schedule
Thursday, August 29 • 11:30am - 12:30pm
Getting Splunky with Lateral Movement - Attack, Detect and Evade

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Following on from our talk at SteelCon 2019 (Getting Splunky with Kerberos) we’ve decided to extend the Attack, Detect, Evade concept to the topic of Lateral Movement.

Along with initial execution and laying of persistence, lateral movement is often one of the key points in a red team engagement that can lead to a detection by the blue team. In this talk we will demonstrate how attackers carry out lateral movement, dive into how they can be detected, before demonstrating how the red team can successfully evade these detections.

Whilst this talk will use Splunk as the data platform, these techniques can be used on any platform of your choosing.


Ross Bingham

Ross (@PwnDexter) - Red Teamer @ NettitudeRoss is a Senior Security Consultant working within Nettitude’s red team, the bulk of his time is spent delivering red team engagements, fighting EDR products, or reporting! Otherwise working on research, tool development and our detection... Read More →

Tom MacDonald

Mac (@BaffledJimmy) - Red Teamer @ Nettitude:Mac is a Managing Principal Security Consultant at Nettitude, working on large internal infrastructure and red team engagements. He is never happier than when abusing sysadmin tools to compromise environments, as it reminds him of his younger... Read More →

Thursday August 29, 2019 11:30am - 12:30pm BST
Track 1