Surviving a Compromise: Developing Critical Decision-Making Skills to Survive Attacks Like Sunburst
In the face of an emerging security incident, how you respond isn't just about your technical abilities; the need to quickly respond to and remediate a situation will challenge how you make decisions in the heat of what can potentially become a crisis. Attacks like the recent Sunburst attack via SolarWinds make it clear that even the most well-patched environments can be susceptible to vulnerabilities found within third-party solutions.
But how can you prepare for and develop better decision-making skills for addressing a scenario like Sunburst that has never happened before?
In this webinar, we join the experts at Ultimate Windows Security to discuss how decision-making is the real litmus test of incident response, why it’s a challenge, and how poor decision-making skills may have added to the impact of the Sunburst breach.
We also walk through our Sunburst Crisis Sim scenario, where attendees play decision-maker in addressing this compromise, and showcase our SolarWinds labs to demonstrate how to:
- Identify Indicators of Compromise – Using a set of YARA rules from FireEye, we’ll show how to determine whether the malicious version of the SolarWinds DLL is in use.
- Analyze Malware – According to open-source malware reports, there is a Domain Generation Algorithm (DGA) that creates unique C2 domains for each installation. We’ll explore the DLL and identify the DGA, discussing how it avoids detection in your network.
- Chris Pace; Technology Advocate, Immersive Labs
- Kev Breen; Director of Cyber Threat Research, Immersive Labs
- Nick Cavalancia; Microsoft MVP and cybersecurity expert, Ultimate Windows Security
15 January 2021