ON DEMAND
A demo showing how CrowdStrike detects and mitigates key Sunburst TTPs
As evident from the recent Sunburst attack, dynamic IT environments and digital transformation initiatives are vulnerable to bad actors that use a variety of tactics, techniques and procedures (TTPs) to launch a highly targeted attack through traditional IT processes.
Enterprises should focus on mitigating the most recent Sunburst post-exploit activities while also preparing to detect, mitigate and prevent future threats that use similar TTPs.
In this CrowdCast, Andrew Harris, CrowdStrike’s Public Sector Technology Strategist (NA and EMEA sessions) or Mike Sentonas, CrowdStrike’s CTO (APAC session), will demonstrate how CrowdStrike Falcon® detects and prevents:
- The Sunburst attack and key learnings on Sunspot and other entry point malware
- Lateral movement, including the use of service accounts
- Golden SAML (Security Assertion Markup Language) credential dump of an Active Directory Federation Services (AD FS) server
Featured Speakers
Andrew Harris (NA & EMEA)
Sr. Director, Public Sector Technology Strategy
Andrew Harris is currently the Senior Director for Public Sector Technology Strategy at CrowdStrike. He is responsible for driving innovation and technical alignment for the Public Sector vertical, ensuring CrowdStrike continues to deliver best-of-breed capabilities to its customers, in a compliant and integrated manner so customers can confidently consume its services. Prior to joining CrowdStrike, Andrew worked at Microsoft as a Principal Program Manager, where he focused on engineering solutions across 50+ engineering teams for major government contracts. He served as the CTO for the Customer Experience Engineering (CxE) team for Microsoft Azure’s security products and services, both internal and external, helping drive strategy and deliver customer enablement capabilities. Andrew led the Recovery team at Microsoft for Incident Response and helped NIST write the playbook on SP 800-184, “Guide for Cybersecurity Event Recovery.” In addition, Andrew served as a Special Advisor to the White House, U.S. House of Representatives, Pentagon and various Fortune 100 companies. Prior to Microsoft, Andrew was a U.S. Department of Defense (DoD) civilian where he spearheaded multiple enterprise-wide capabilities.
Michael Sentonas (APAC)
Chief Technology Officer, CrowdStrike
Mike Sentonas is CrowdStrike’s Chief Technology Officer. Previously, he served as Vice President, Technology Strategy at CrowdStrike. Mike has over 20 years’ experience in cybersecurity; his most recent roles prior to joining CrowdStrike were Chief Technology Officer – Security Connected and Chief Technology and Strategy Officer APAC, both at McAfee (formerly Intel Security). Mike is an active public speaker on security issues and provides advice to government and business communities on global and local cybersecurity threats. He is highly sought after by the media, including television, technology trade publications and technology-centric websites, to provide insights into security issues and solutions. Michael has spoken around the world at numerous sales, customer and non-customer conferences, and contributes to various government and industry associations’ initiatives on security. Michael holds a bachelor’s degree in computer science from Edith Cowan University, Western Australia, and has an Australian Government security clearance.