Open Threat Research - The Hunt for Red Apples: How to threat hunt and emulate Ocean Lotus on macOS
Author: SANS Digital Forensics and Incident Response
Uploaded: 2021-11-26
Views: 1571
Open Threat Research (OTR) is a community movement that brings together passionate security researchers from different backgrounds and levels of expertise who share a common goal: to collaborate, share, and contribute to open source initiatives. A group of researchers got together to develop a new project, "The Hunt For Red" Threat Hunt Workshop Series. To kick off the series we concentrated on macOS and emulated a known adversary: Ocean Lotus.
In this talk we will share the ups and downs of emulating an adversary, along with our approach and methodology. Leveraging the Attack Life Cycle and the MITRE ATT&CK framework, we will share threat hunting queries and detection ideas for each stage we emulated. Finally, after the session, we will unveil and open source the final project.
Carlos R, Threat Hunting Operations Lead, Yahoo - / plugxor
Ben Bornholm, DART Engineer, Dropbox - / cptofevilminion
View upcoming Summits: http://www.sans.org/u/DuS
Download the presentation slides (SANS account required) at https://www.sans.org/u/1iaE
#ThreatHuntingSummit #OceanLotus