Offensive Operating Against SysMon, Carlos Perez – Paul’s Security Weekly #577
September 29, 2018
Carlos Perez delivers the Technical Segment on how to operate offensively against Sysmon. He talks about how Sysmon allows him to create rules and track specific types of tradecraft around process creation and process termination. He dives into network connections, driver loading, image loading, creation of remote threads, and more!
Full Show Notes
Visit our website: http://securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Joff Thyer - Security Analyst, Black Hills Information Security.
Carlos Perez - Principal Consultant, Team Lead for Research, TrustedSec.
Paul Asadoorian - CEO, Security Weekly.
Jason Wood - Founder; Primary Consultant, Paladin Security.
Audio: http://traffic.libsyn.com/pauldotcom/Offensive_Operating_Against_SysMon_Carlos_Perez_-_Pauls_Security_Weekly_577_converted.mp3