Pen Testing & Adversary Emulation - Carlos Perez - PSW #789 - podcast episode cover

Pen Testing & Adversary Emulation - Carlos Perez - PSW #789

Paul's Security Weekly (Video)
Jun 29, 20231 hr 7 min
--:--
--:--
Listen in podcast apps:
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

In this segment we welcome Carlos Perez back to the show! Carlos will discuss methods we can use to hide one systems and cover our tracks.

We'll cover how on a system (as administrator) the blue team's struggle using default logs or even on a default install of Sysmon to detect an attacker. Attackers can selectively disable modern event log providers, take action and then re-enable. We will demo this and how to best monitor for this technique.

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-789 

For the best experience, listen in Metacast app for iOS or Android