(ISC)2 Richmond Metro Monthly Meeting - June 2019

June's Monthly Meeting 

Speaker – Ryan O'Boyle from Varonis

Attendees from Varonis - Daniel Hatter and Brandon Lapetina

Topic - Cyber Attacks - Attack Lab Demo

Ryan O’Boyle, GCIH is a Team Lead for the Incident Response and Security Architecture team at Varonis. Ryan has an engineering background with experience in IT infrastructure, Incident Response, and Data Protection. Varonis’ team of security professionals provide complementary Incident Response services to all existing customers. In addition, they work with customers to operationalize the Varonis Data Security Platform and integrate Varonis into the security ecosystem.
 
The presentation will focus on a common attack vector which highlights how Insiders can exploit basic Windows functionality to escalate privileges and gain access to sensitive enterprise data. The first part of the presentation will walk through the attack scenario where a technical insider performs basic reconnaissance, compromises a service account, and uses the privileged service account to access critical financial data. Once the attack is complete, we will shift gears to the Blue Team and show how an analyst would be able to use the Varonis Data Security Platform to perform a forensic investigation, piecing this timeline back together. Using Varonis’ threat detection capabilities, the analyst will be able to understand the malicious actions performed by the insider and analyze how an automated response would be able to prevent a similar scenario from occurring again in the future.  

If you are unable to attend the meeting at the scheduled location, join virtually.

Details will be posted for remote session prior to the Monthly Meeting. 

Thank you to this month's sponsor Varonis