Getting Splunky with Lateral Movement - Attack, Detect and Evade presented at BSidesManchester 2019

by Ross Macdonald

Summary: Following on from our talk at SteelCon 2019 (Getting Splunky with Kerberos) we’ve decided to extend the Attack, Detect, Evade concept to the topic of Lateral Movement. Along with initial execution and laying of persistence, lateral movement is often one of the key points in a red team engagement that can lead to a detection by the blue team. In this talk we will demonstrate how attackers carry out lateral movement, dive into how they can be detected, before demonstrating how the red team can successfully evade these detections. Whilst this talk will use Splunk as the data platform, these techniques can be used on any platform of your choosing.