Angriffe durch „Advanced Threat Analytics“ erkennen
15
SECURE YOUR ENTERPRISE Microsoft Advanced Threat Analytics
-
Upload
sba-research -
Category
Technology
-
view
401 -
download
0
Transcript of Angriffe durch „Advanced Threat Analytics“ erkennen
SECURE YOUR ENTERPRISE
Microsoft Advanced Threat Analytics
WHAT IS CYBERCRIME?
2016 - SBA Research gGmbH
Cybercrime is…
2016 - SBA Research gGmbH
…Money
€ 57 Billion
Damage due to cybercrime in the EU
10.000
Criminal complaints / year in Austria
$ 500 BillionEstimated cybercrime damage worldwide
Cybercrime is…
2016 - SBA Research gGmbH
…Business
Cybercrime is…
2016 - SBA Research gGmbH
…Sophisticated
Source: Mandiant M-Trends Report 2016
ADVANCED ATTACKS NEED ADVANCED DEFENSES
Microsoft Advanced Threat Analytics (ATA)
2016 - SBA Research gGmbH
Threat Analytics in a Nutshell
2016 - SBA Research gGmbH
Threat Analytics detects…
How it works
2016 - SBA Research gGmbH
Reconnaissance
2016 - SBA Research gGmbH
Password Guessing
2016 - SBA Research gGmbH
The Archenemy of Windows
Pass-the-Hash
• Attacker uses stolen password hash to target clients• Search until higher privilged account is found• Compromise other systems or whole infrastructure
2016 - SBA Research gGmbH
Kerberos Pass-the-Ticket
2016 - SBA Research gGmbH
2016 - SBA Research gGmbH
DEMOS
Detecting Zone Transfers, Failed OWA Logins,and Pass-The-Ticket Attacks
