Deception And Discovery: How Attackers Hide Backdoor Accounts (And How Defenders Find Them)

Date: July 07, 2021
Location: Online


Approaching an attack from all angles—conducting, detecting, and defending against them—can be a key element for strengthening the capabilities of security teams via Purple Team exercises and collaborative learning. However, finding practical examples of a correlated technique and detection can be difficult in day-to-day work. 

Ben Mauch, Team Lead, Defense & Countermeasures at TrustedSec, and Randy Pargman, VP of Threat Hunting & Counterintelligence at Binary Defense, will present multiple approaches that can benefit both offensive teams (such as Red Teams) and defensive teams (such as administrators and security operations). 

During the webinar, Mauch and Pargman will demonstrate an open-source tool that is designed for Red Teams to add backdoor accounts, which are created through methods that make detection difficult. As a way of countering this strategy, multiple techniques will be demonstrated that can be used by Threat Hunters to discover these deceptive accounts and investigate further to determine what actions the attacker took. 

Join Mauch and Pargman for this joint webinar and live demonstration of practical tools that security teams can begin utilizing immediately.