Surviving a Compromise: Developing Critical Decision-Making Skills to Survive Attacks Like Sunburst
In the face of an emerging security incident, how you respond isn't just about your technical abilities; the need to quickly respond to and remediate a situation will challenge how you make decisions in the heat of what can potentially become a crisis. Attacks like the recent Sunburst attack via SolarWinds make it clear that even the most well-patched environments can be susceptible to vulnerabilities found within third-party solutions.
But how can you prepare for and develop better decision-making skills for addressing a scenario like Sunburst that has never happened before?
In this webinar, we join the experts at Ultimate Windows Security to discuss how decision-making is the real litmus test of incident response, why it’s a challenge, and how poor decision-making skills may have added to the impact of the Sunburst breach.
We also walk through our Sunburst Crisis Sim scenario, where attendees play decision-maker in addressing this compromise, and showcase our SolarWinds labs to demonstrate how to:
- Identify Indicators of Compromise – Using a set of YARA rules from FireEye, we’ll show how to determine whether the malicious version of the SolarWinds DLL is in use.
- Analyze Malware – According to open-source malware reports, there is a Domain Generation Algorithm (DGA) that creates unique C2 domains for each installation. We’ll explore the DLL and identify the DGA, discussing how it avoids detection in your network.
Speakers:
- Chris Pace; Technology Advocate, Immersive Labs
- Kev Breen; Director of Cyber Threat Research, Immersive Labs
- Nick Cavalancia; Microsoft MVP and cybersecurity expert, Ultimate Windows Security
15 January 2021