A demo showing how CrowdStrike detects and mitigates key Sunburst TTPs
As evident from the recent Sunburst attack, dynamic IT environments and digital transformation initiatives are vulnerable to bad actors that use a variety of tactics, techniques and procedures (TTPs) to launch a highly targeted attack through traditional IT processes.
Enterprises should focus on mitigating the most recent Sunburst post-exploit activities while also preparing to detect, mitigate and prevent future threats that use similar TTPs.
In this CrowdCast, Andrew Harris, CrowdStrike’s Public Sector Technology Strategist, will demonstrate how CrowdStrike Falcon detects and prevents:
- The Sunburst attack and key learnings on Sunspot and other entry point malware
- Lateral movement, including leveraging the use of service accounts
- Golden SAML (Security Assertion Markup Language) credential dump of an Active Directory Federation Services (AD FS) server
Featured Speakers
Michael Sentonas
Chief Technology Officer, CrowdStrike
Mike Sentonas is CrowdStrike’s Chief Technology Officer. Previously, he served as Vice President, Technology Strategy at CrowdStrike. With over 20 years’ experience in cybersecurity, Mike’s most recent roles prior to joining CrowdStrike were Chief Technology Officer – Security Connected and Chief Technology and Strategy Officer APAC, both at McAfee (formerly Intel Security). Mike is an active public speaker on security issues and provides advice to government and business communities on global and local cybersecurity threats. He is highly sought after to provide insights into security issues and solutions by the media, including television, technology trade publications and technology-centric websites. Michael has spoken around the world at numerous sales conferences, customer and non-customer conferences and contributes to various government and industry associations’ initiatives on security. Michael holds a bachelor’s degree in computer science from Edith Cowan University, Western Australia, and has an Australian Government security clearance.