Credential Assessment - Mapping Privilege Escalation at Scale
Uploaded by scriptjunkie. Category: Technology.
Transcript of Credential Assessment - Mapping Privilege Escalation at Scale
[Chart: Adversary access (# boxes owned) by step, log scale from 1 to 10000]
Step: 1 2 3 4 5 6 7 8 9 10
Adversary access (# boxes owned): 1 1 2 2 2 10000 10000 10000 10000 10000
Find and fix all the vulnerabilities, block contractor access
Pentests, vuln assessments
Many companies try this.
Find known malware.
The entire AV industry does this.
Hunt anomalies
Fewer do this.
Both are important parts of a security program.
[Chart repeated: Adversary access (# boxes owned) by step]
What happened here?!
Bad guys got a DA token; creds left on a webserver.
Malware detection and vulnerable boxes are not the biggest enterprise problem; admin creds lying around all over the domain are.
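Added example, not from the original slides: a small Python model of the point above, computing how many boxes an adversary owns after each round of harvesting exposed credentials and reusing them, and which single exposure a defender gains most by removing. The host names, account names and the whole inventory are constructed for illustration.

```python
# Constructed inventory (not from the slides). EXPOSED: accounts whose creds or
# tokens are recoverable on each host. ADMIN_OF: hosts each account administers.
HOSTS = {"ws01", "ws02", "web01", "db01", "fs01", "dc01"}
EXPOSED = {
    "ws01": {"helpdesk"},
    "web01": {"svc_web", "da_admin"},  # DA creds left on a webserver
    "ws02": {"bob"},
    "db01": {"svc_sql"},
}
ADMIN_OF = {
    "helpdesk": {"ws01", "web01"},
    "svc_web": {"web01"},
    "bob": {"ws02"},
    "svc_sql": {"db01"},
    "da_admin": set(HOSTS),  # domain admin: admin on every host
}


def owned_per_round(start, exposed, admin_of):
    """Number of hosts owned after each round of 'harvest creds, reuse them'."""
    owned, history = {start}, [1]
    while True:
        # Every account exposed on any host already owned.
        creds = set().union(*(exposed.get(h, set()) for h in owned))
        # Every host those accounts administer becomes reachable.
        reach = owned.union(*(admin_of.get(a, set()) for a in creds))
        if reach == owned:
            return history
        owned = reach
        history.append(len(owned))


def rank_exposures(start, exposed, admin_of):
    """Rank each (host, account) exposure by boxes saved if it is cleaned up."""
    baseline = owned_per_round(start, exposed, admin_of)[-1]
    ranked = []
    for host, accounts in exposed.items():
        for acct in accounts:
            trimmed = {h: (a - {acct} if h == host else a) for h, a in exposed.items()}
            after = owned_per_round(start, trimmed, admin_of)[-1]
            ranked.append((baseline - after, host, acct))
    return sorted(ranked, reverse=True)


if __name__ == "__main__":
    print(owned_per_round("ws01", EXPOSED, ADMIN_OF))
    for saved, host, acct in rank_exposures("ws01", EXPOSED, ADMIN_OF):
        print(f"remove {acct} from {host}: {saved} fewer boxes owned")
```

In this constructed inventory no vulnerability is patched at any point; removing the domain admin credential from the webserver alone holds the adversary at two boxes.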