Join this hands-on session based on lessons learned from AD forensics incidents, hunting for clues without AD logs (wiped/missing), introducing a Toolkit of open-source tools, in a session full on demos & scenarios.
Active Directory runs most of the world's identity & access control since the 90's, yet new attacks and creative privilege escalation paths are found constantly. Organizations often struggle to understand who did what and when in their domains, even with commercial tools in place.
This session will be held by Yossi Sassi. Yossi is a InfoSec researcher & friendly hacker. Sassi has accumulated extensive experience in information security for ~30 years, in Red-Blue team assessments, conducting DF/IR investigations and more, including Fortune100 accounts.
Ex-member of Javelin Networks, a unique defense solution for Active Directory (acquired by Symantec). Worked for Microsoft 8 years as Technology Group Manager and coded support tools for Windows Server. Sassi spoke at TED and TEDx events, and was awarded 4 Peace and friendship awards.
If you are using AD - we promise that you should not miss this session!