Beyond the Fortress Network David C. Broussard Principal Consultant @dbroussa Blogs.catapultsystems.com/dbroussard
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Beyond the Fortress Network David C. Broussard
Principal Consultant
@dbroussa
Blogs.catapultsystems.com/dbroussard
Who am I?
The Fortress Network
Security in the old mindset
What are we concerned about again?
Did it work?
−
−
Bad EXTERNAL actor
−
−
−
−
−
−
Story Time
−
−
−
−
−
−
Story Time 2
−
−
−
−
−
−
−
−
Malicious INTERNAL Actor
−
−
−
−
−
−
Story Time 3
−
−
−
−
−
Story Time 4
−
−
−
−
−
−
−
Core questions about security
DELIVERY
Employee A opens infected
email on workstation2
A
Malware
EXPLOITATION
Employee B opens infected
email using mobile device2
BMalware
Infected phone disables
Antivirus; and compromised
credentials used to access
Email service
3Control Evasion
Password/Hash Dumping
3Threat Actor gather
credentials on
compromised machine
COMMAND AND
CONTROL
Credentials harvested after
Employee attempts login
to bogus site2
4Threat Actors move
laterally within network
using compromised
credentials
Compromised Credential
ACTIONS ON
OBJECTIVE
5Threat Actors use compromised
devices/accounts to exfiltrate PII
48 Hours 200+ Days
PII
Leak/Exfiltrate Data
Threat Actor targets employees
via phishing campaign1
Phishing
3Compromised credentials
used to access service
Mobile Device Management
−
−
−
−
Risk Based Access
Data Loss Prevention and Encryption
Threat Detection and Prevention
−
−
−
−
Tools that you didn’t know you had
http://get.catapultsystems.com/0365-business-registration
http://get.catapultsystems.com/0365-bootcamp-registration-it-track/
@CloudWhisperers
Learn More
Related Documents
