Surviving a Compromise: Developing Critical Decision-Making Skills to Survive Attacks Like Sunburst

In the face of an emerging security incident, how you respond isn’t just about your technical abilities; the need to quickly respond to and remediate a situation will challenge how you make decisions in the heat of what can potentially become a crisis. Attacks like the recent Sunburst attack via Solarwinds makes it clear that…

In the face of an emerging security incident, how you respond isn't just about your technical abilities; the need to quickly respond to and remediate a situation will challenge how you make decisions in the heat of what can potentially become a crisis. Attacks like the recent Sunburst attack via Solarwinds makes it clear that even the most well-patched environments can be susceptible to vulnerabilities found within third-party solutions.

But how can you prepare for and develop better decision-making skills for addressing a scenario like Sunburst that has never happened before?

In this webinar, we join the experts at Ultimate Windows Security to discuss how decision-making is the real litmus test of incident response, why it’s a challenge, and how poor decision-making skills may have added to the impact of the Sunburst breach.

We also walk through our Sunburst Crisis Sim scenario, where attendees play decision-maker in addressing this compromise, as well as showcase our Solarwinds labs to demonstrate how to:

  • Identify Indicators of Compromise – Using a set of Yara Rules from FireEye, we’ll show how to determine whether the malicious version of the Solarwinds DLL is in use.
  • Analyze Malware – According to open source malware reports, there is a Domain Generation Algorithm that creates unique C2 domains for each installation. We’ll explore the DLL and identify the DGA, discussing how it avoids detection in your network.

Speakers

  • Chris Pace; Technology Advocate, Immersive Labs
  • Kev Breen; Director of Cyber Threat Research, Immersive Labs
  • Nick Cavalancia; Microsoft MVP and cybersecurity expert, Ultimate Windows Security
TOPICS
Threats
Webinar
PUBLISHED

15 January 2021

We help businesses to increase and evidence human capability in every part of cybersecurity.

Follow Us