This talk will demonstrate a defender and attacker playing a game of whack-a-mole using “living off the land” approaches both defensively and offensively. The talk will demonstrate how free Microsoft tools and other OSS can be used to build a robust defensive framework capable of detecting new and stealthy attacks.
Lee Kagan is an offensive security professional with almost a decade in IT and InfoSec. He is a penetration tester, red teamer and currently lead for RedBlack Security’s Rogue Team, specializing in threat and adversary emulation, in Toronto, Canada. Lee’s focus on the team and in practice is offensive infrastructure support, post-exploitation of Windows and Active Directory environments, and PowerShell and C# weaponization.
Anton Ovrutsky is a Senior Security Analyst in the insurance industry, interested in the intersection of offensive and defensive security techniques. Anton’s focus is currently on SIEM tuning and effective use of logs to catch malicious activity. Anton has been in the security industry for six years and holds an OSCP, OSCE and CISSP.