Defending against attackers relies on the fact that you understand their techniques, tools and procedures. In this presentation I'll walk through common post-exploitation techniques used by various attack groups. Many of todays enterprise and small business simply assume defensive products are a one size fits all solution to detecting and stopping attackers through every phase of an attack. The reality is that each network, and each critical resource that needs to be protected needs thorough planning around security architecture. In order to do that, you need to understand attacker tools, techniques and procedures once they've gained access, because it's not only about penetrating the network. They may have won the battle by breaking in, but they haven't won the war. There are multiple opportunities to introduce a killchain to mitigate a successful attack. I'll walk through some basic post exploitation techniques and we'll talk about technological mitigations that can help any company build a kill chain.
Stephan Chenette is the Founder of AttackIQ (http://www.attackiq.com), most recently Stephan was the Director of Research and Development at IOActive where he conducted ongoing research to support internal and external security initiatives within the IOActive research team. Chenete has been in involved in security research for the last 10 years