
The Detection Series: Credential Access

Join us to learn more about malicious credential access. We’ll discuss how adversaries leverage the MITRE ATT&CK tactic, where defenders can look to find malicious activity, how to develop detection analytics for it, and how to test your detection and visibility capabilities.

ON-DEMAND

1 Hour

Virtual


 

Credential Access (TA0006) is a key component of nearly every intrusion. Adversaries leverage the tactic to steal usernames, passwords, and tokens that they then use to gain access to systems, evade detection, and create additional accounts for further abuse. OS Credential Dumping (T1003) and sub-techniques like LSASS Memory (T1003.001) offer adversaries tried-and-true methods of gaining access to legitimate user accounts and systems—and are among the primary methods of credential access and credential dumping that we’ll examine.

In this hour-long webinar, experts from CrowdStrike, MITRE ATT&CK®, and Red Canary will provide insight into:

  • Common ways that adversaries abuse credential access
  • Tools and log sources that collect relevant telemetry
  • How to detect, mitigate, and respond to credential access techniques
  • Strategies for testing your security controls by emulating suspicious credential access activity with Atomic Red Team
 
Rachel Schwalk
Detection Engineer | Red Canary
Rachel’s background is primarily in blue team operations. Rachel spent several years working as a cybersecurity analyst on an incident response team. In this role, she became fascinated with digital forensics and threat detection. She is now on the Detection Engineering team at Red Canary, where she spends her time hunting for evil across customer environments and developing new methods of detection.
 
Jimmy Astle
Sr. Director, Detection Enablement | Red Canary
Jimmy has over 15 years of in-depth exposure to Incident Response, Threat Intelligence, Endpoint Security R&D, and cybersecurity testing/simulations. Prior to Red Canary, Jimmy was the Team Lead of Applied Threat Research at Carbon Black and worked for the Cyber Systems Assessments Group at MIT Lincoln Laboratory, where he assisted critical National Security intelligence-gathering missions.
 
Casey Knerr
Cybersecurity Engineer | MITRE
Casey Knerr is a cybersecurity engineer at MITRE and a member of the MITRE ATT&CK for Enterprise team, where she provides cloud expertise. Prior to joining MITRE, she worked as a penetration tester and completed a BSFS in Science, Technology, and International Affairs at Georgetown University and an MSc in Computer Science at the University of Oxford.
 
Jared Myers
Sr. Manager, Falcon Overwatch | CrowdStrike
Jared has been working in cybersecurity for 18 years. Initially he conducted Digital Forensics as part of Law Enforcement duties working on different FBI task forces. Jared also worked as an intrusion analyst and reverse engineer for the US DoD. He then spent almost a decade delivering commercial incident response at various firms. Jared oversaw VMware Carbon Black's Threat Analysis Unit as well as leading the Nation State and Advanced Tactics group.
 
 