21 JAN Chapter Meeting — Detecting Lateral Movement in Windows Environments with a look at Solar Winds hack

Casey Priester, VP for Client Services, AtomiCorp

21 January 2021 @ 6pm — Virtual Meeting with Goto Webinar

To register, click here.

Join us for a timely assessment of lateral movement techniques in the Windows environment, including those leveraged in the SolarWinds SUNBURST attack. Using actual attacker and red-team TTPs, and exploring lesser-known aspects of Windows logging, Casey Priester will highlight key indicators in native Windows logs that can be used to detect common lateral movement mechanisms, from hidden Windows shares to LOLBINs to Powershell.

About our Speaker
Casey Priester CISSP CISA CSX-P SSCP CEH CySA+Vice President – Client ServicesAtomicorp, Inc.Mr. Priester has been working in cyber security for over 20 years, performing his first penetration test of a Juniper M20 router in 2000. Since then he has performed penetration tests, vulnerability assessments, risk assessments, C&A, IV&V, incident response, forensics, and risk management consulting for Federal, State, and local governments as well as private industry. For the last eleven years, he has been one of the senior consultants to the Nuclear Regulatory Commission’s cyber security inspection program for civilian nuclear facilities, helping to develop regulations and guidance, train inspectors, and assist in inspecting nuclear power plants and fuel-cycle facilities.