Sans Summit 2019 作者: Hack Inn 时间: June 26, 2019 分类: 安全大会资料 访问: 3,048 次 <!--weixin_begin--> > 本资料为SANS 2019年全年会议资料,由本站自行整理,不定期更新。目前一共包含8个分会议,一百余篇资料。 ### Cyber Threat Intelligence Summit #### 1、[Cloudy with Low Confidence of Threat Intelligence:How to Use and Create Threat Intelligence in an Office 365 World](https://data.hackinn.com/ppt/SansSummit2019/Cyber%20Threat%20Intelligence%20Summit/Cloudy%20with%20Low%20Confidence%20of%20Threat%20Intelligence:How%20to%20Use%20and%20Create%20Threat%20Intelligence%20in%20an%20Office%20365%20World.pdf) #### 2、[Untying the Anchor:Countering Unconscious Bias in Threat Intelligence Analysis](https://data.hackinn.com/ppt/SansSummit2019/Cyber%20Threat%20Intelligence%20Summit/Untying%20the%20Anchor:Countering%20Unconscious%20Bias%20in%20Threat%20Intelligence%20Analysis.pdf) #### 3、[Analytic Tradecraft in the Real World](https://data.hackinn.com/ppt/SansSummit2019/Cyber%20Threat%20Intelligence%20Summit/Analytic%20Tradecraft%20in%20the%20Real%20World.pdf) #### 4、[Language and Culture in Threat Intelligence](https://data.hackinn.com/ppt/SansSummit2019/Cyber%20Threat%20Intelligence%20Summit/Language%20and%20Culture%20in%20Threat%20Intelligence.pdf) #### 5、[Effectively Communicating Threat Intel and Its Value](https://data.hackinn.com/ppt/SansSummit2019/Cyber%20Threat%20Intelligence%20Summit/Effectively%20Communicating%20Threat%20Intel%20and%20Its%20Value.pdf) <!--more--> #### 6、[Schroedinger’s Backslash:Tracking the Chinese APT Goblin Panda with RTF Metadata](https://data.hackinn.com/ppt/SansSummit2019/Cyber%20Threat%20Intelligence%20Summit/Schroedinger’s%20Backslash:Tracking%20the%20Chinese%20APT%20Goblin%20Panda%20with%20RTF%20Metadata.pdf) #### 7、[A Brief History of Attribution Mistakes](https://data.hackinn.com/ppt/SansSummit2019/Cyber%20Threat%20Intelligence%20Summit/A%20Brief%20History%20of%20Attribution%20Mistakes.pdf) #### 8、[Meet Me in the Middle:Threat Indications and Warning in Principle and Practice](https://data.hackinn.com/ppt/SansSummit2019/Cyber%20Threat%20Intelligence%20Summit/Meet%20Me%20in%20the%20Middle:Threat%20Indications%20and%20Warning%20in%20Principle%20and%20Practice.pdf) #### 9、[Quality Over Quantity:Determining Your CTI Detection Efficacy](https://data.hackinn.com/ppt/SansSummit2019/Cyber%20Threat%20Intelligence%20Summit/Quality%20Over%20Quantity:Determining%20Your%20CTI%20Detection%20Efficacy.pdf) #### 10、[How to Get Promoted:Developing Metrics to Show How Threat Intel Works](https://data.hackinn.com/ppt/SansSummit2019/Cyber%20Threat%20Intelligence%20Summit/How%20to%20Get%20Promoted:Developing%20Metrics%20to%20Show%20How%20Threat%20Intel%20Works.pdf) #### 11、[Frameworks and Why We Use Them](https://data.hackinn.com/ppt/SansSummit2019/Cyber%20Threat%20Intelligence%20Summit/Frameworks%20and%20Why%20We%20Use%20Them.pdf) #### 12、[Your CTI with Lessons Learned from Four Years in the Trenches](https://data.hackinn.com/ppt/SansSummit2019/Cyber%20Threat%20Intelligence%20Summit/Your%20CTI%20with%20Lessons%20Learned%20from%20Four%20Years%20in%20the%20Trenches.pdf) #### 13、[A Crash Course in Cyber Threat Intelligence Basics](https://data.hackinn.com/ppt/SansSummit2019/Cyber%20Threat%20Intelligence%20Summit/A%20Crash%20Course%20in%20Cyber%20Threat%20Intelligence%20Basics.pdf) #### 14、[Applying WWII-Era Analytic Techniques to CTI](https://data.hackinn.com/ppt/SansSummit2019/Cyber%20Threat%20Intelligence%20Summit/Applying%20WWII-Era%20Analytic%20Techniques%20to%20CTI.pdf) ### Cyber Security Middle East Summit #### 1、[Actionable CTI Not a Pipedream](https://data.hackinn.com/ppt/SansSummit2019/Cyber%20Security%20Middle%20East%20Summit/Actionable%20CTI%20Not%20a%20Pipedream.pdf) #### 2、[Attacking & Defending AWS S3 Bucket](https://data.hackinn.com/ppt/SansSummit2019/Cyber%20Security%20Middle%20East%20Summit/Attacking%20&%20Defending%20AWS%20S3%20Bucket.pdf) #### 3、[Emerging threats by SANS Internet Storm Centre](https://data.hackinn.com/ppt/SansSummit2019/Cyber%20Security%20Middle%20East%20Summit/Emerging%20threats%20by%20SANS%20Internet%20Storm%20Centre.pdf) #### 4、[Raising the Bar for the Attacker](https://data.hackinn.com/ppt/SansSummit2019/Cyber%20Security%20Middle%20East%20Summit/Raising%20the%20Bar%20for%20the%20Attacker.pdf) #### 5、[In the trails of Windshift APT](https://data.hackinn.com/ppt/SansSummit2019/Cyber%20Security%20Middle%20East%20Summit/In%20the%20trails%20of%20Windshift%20APT.pdf) #### 6、[A Knack for NAC:Locking Down Network Access Across a Global Enterprise](https://data.hackinn.com/ppt/SansSummit2019/Cyber%20Security%20Middle%20East%20Summit/A%20Knack%20for%20NAC:Locking%20Down%20Network%20Access%20Across%20a%20Global%20Enterprise.pdf) #### 7、[Exploiting relationship between Active Directory Objects](https://data.hackinn.com/ppt/SansSummit2019/Cyber%20Security%20Middle%20East%20Summit/Exploiting%20relationship%20between%20Active%20Directory%20Objects.pdf) #### 8、[The Case for Building Your Own SOC Automations](https://data.hackinn.com/ppt/SansSummit2019/Cyber%20Security%20Middle%20East%20Summit/The%20Case%20for%20Building%20Your%20Own%20SOC%20Automations.pdf) ### Open-Source Intelligence Summit #### 1、[Backdoors to the Kingdom:Changing the Way You Think about Organizational Reconnaissance](https://data.hackinn.com/ppt/SansSummit2019/Open-Source%20Intelligence%20Summit/Backdoors%20to%20the%20Kingdom:Changing%20the%20Way%20You%20Think%20about%20Organizational%20Reconnaissance.pdf) #### 2、[Beginner’s Business and Legal Research](https://data.hackinn.com/ppt/SansSummit2019/Open-Source%20Intelligence%20Summit/Beginner’s%20Business%20and%20Legal%20Research.pdf) #### 3、[Weaponizing OSINT](https://data.hackinn.com/ppt/SansSummit2019/Open-Source%20Intelligence%20Summit/Weaponizing%20OSINT.pdf) #### 4、[Breach Data,Ethics,and OpSec... Oh My](https://data.hackinn.com/ppt/SansSummit2019/Open-Source%20Intelligence%20Summit/Breach%20Data,Ethics,and%20OpSec...%20Oh%20My.pdf) #### 5、[Hunting Down Malicious Sites Using Certstream Data and Available Web Services](https://data.hackinn.com/ppt/SansSummit2019/Open-Source%20Intelligence%20Summit/Hunting%20Down%20Malicious%20Sites%20Using%20Certstream%20Data%20and%20Available%20Web%20Services.pdf) #### 6、[So, You Want to OSINT Full-Time](https://data.hackinn.com/ppt/SansSummit2019/Open-Source%20Intelligence%20Summit/So,%20You%20Want%20to%20OSINT%20Full-Time.pdf) #### 7、[Using OSINT to Improve Critical Business Decision-Making](https://data.hackinn.com/ppt/SansSummit2019/Open-Source%20Intelligence%20Summit/Using%20OSINT%20to%20Improve%20Critical%20Business%20Decision-Making.pdf) ### Cloud Security Summit #### 1、[Keep it Flexible:How Cloud Makes it Easier and Harder to Detect Bad Stuff](https://data.hackinn.com/ppt/SansSummit2019/Cloud%20Security%20Summit/Keep%20it%20Flexible:How%20Cloud%20Makes%20it%20Easier%20and%20Harder%20to%20Detect%20Bad%20Stuff.pdf) #### 2、[The State of Cloud Security:How Does Your Organization Compare](https://data.hackinn.com/ppt/SansSummit2019/Cloud%20Security%20Summit/The%20State%20of%20Cloud%20Security:How%20Does%20Your%20Organization%20Compare.pdf) #### 3、[Who Done It:Gaining Visibility and Accountability in the Cloud](https://data.hackinn.com/ppt/SansSummit2019/Cloud%20Security%20Summit/Who%20Done%20It:Gaining%20Visibility%20and%20Accountability%20in%20the%20Cloud.pdf) #### 4、[Automating Cloud Security Monitoring at Scale](https://data.hackinn.com/ppt/SansSummit2019/Cloud%20Security%20Summit/Automating%20Cloud%20Security%20Monitoring%20at%20Scale.pdf) #### 5、[Cloud DFIR:Why so Cirrus](https://data.hackinn.com/ppt/SansSummit2019/Cloud%20Security%20Summit/Cloud%20DFIR:Why%20so%20Cirrus.pdf) #### 6、[Cloud Security at its Finest](https://data.hackinn.com/ppt/SansSummit2019/Cloud%20Security%20Summit/Cloud%20Security%20at%20its%20Finest.pdf) #### 7、[Automating the Creation of Network Firewall Rules Using PowerShell and CI:CD](https://data.hackinn.com/ppt/SansSummit2019/Cloud%20Security%20Summit/Automating%20the%20Creation%20of%20Network%20Firewall%20Rules%20Using%20PowerShell%20and%20CI:CD.pdf) #### 8、[Demonstration of Typical Forensic Techniques for AWS EC2 Instances](https://data.hackinn.com/ppt/SansSummit2019/Cloud%20Security%20Summit/Demonstration%20of%20Typical%20Forensic%20Techniques%20for%20AWS%20EC2%20Instances.pdf) #### 9、[Secrets for All the Things:The Injection of Secrets for Every Application in Your Cloud-Agnostic Environment](https://data.hackinn.com/ppt/SansSummit2019/Cloud%20Security%20Summit/Secrets%20for%20All%20the%20Things:The%20Injection%20of%20Secrets%20for%20Every%20Application%20in%20Your%20Cloud-Agnostic%20Environment.pdf) #### 10、[Cloud Security Automation:From Infrastructure to App](https://data.hackinn.com/ppt/SansSummit2019/Cloud%20Security%20Summit/Cloud%20Security%20Automation:From%20Infrastructure%20to%20App.pdf) #### 11、[Locking Them Out of Their Own House:Access Control to Cloud at Startups](https://data.hackinn.com/ppt/SansSummit2019/Cloud%20Security%20Summit/Locking%20Them%20Out%20of%20Their%20Own%20House:Access%20Control%20to%20Cloud%20at%20Startups.pdf) #### 12、[Secure by Default:Enabling Developers to Focus on Their Mission by Providing Cloud Security for Free](https://data.hackinn.com/ppt/SansSummit2019/Cloud%20Security%20Summit/Secure%20by%20Default:Enabling%20Developers%20to%20Focus%20on%20Their%20Mission%20by%20Providing%20Cloud%20Security%20for%20Free.pdf) #### 13、[Serverless Security:Attackers and Defenders](https://data.hackinn.com/ppt/SansSummit2019/Cloud%20Security%20Summit/Serverless%20Security:Attackers%20and%20Defenders.pdf) #### 14、[Cloud,the Hard Way](https://data.hackinn.com/ppt/SansSummit2019/Cloud%20Security%20Summit/Cloud,the%20Hard%20Way.pdf) #### 15、[Securing your Application Identities](https://data.hackinn.com/ppt/SansSummit2019/Cloud%20Security%20Summit/Securing%20your%20Application%20Identities.pdf) ### Security Operations Summit #### 1、[Use Case Development Utilizing an ARECI Chart](https://data.hackinn.com/ppt/SansSummit2019/Security%20Operations%20Summit/Use%20Case%20Development%20Utilizing%20an%20ARECI%20Chart.pdf) #### 2、[Use Case Development as a Driver for SOC Maturation](https://data.hackinn.com/ppt/SansSummit2019/Security%20Operations%20Summit/Use%20Case%20Development%20as%20a%20Driver%20for%20SOC%20Maturation.pdf) #### 3、[Breach - ATT&CK - Osquery:Learning from Breach Reports to Improve Endpoint Monitoring](https://data.hackinn.com/ppt/SansSummit2019/Security%20Operations%20Summit/Breach%20-%20ATT&CK%20-%20Osquery:Learning%20from%20Breach%20Reports%20to%20Improve%20Endpoint%20Monitoring.pdf) #### 4、[This Will Never Work - Tales from Disappointingly Successful Pen Tests](https://data.hackinn.com/ppt/SansSummit2019/Security%20Operations%20Summit/This%20Will%20Never%20Work%20-%20Tales%20from%20Disappointingly%20Successful%20Pen%20Tests.pdf) #### 5、[Managing Security Operations int he Cloud](https://data.hackinn.com/ppt/SansSummit2019/Security%20Operations%20Summit/Managing%20Security%20Operations%20int%20he%20Cloud.pdf) #### 6、[The Call Is Coming from Inside the House- How Does Your SOC Respond When Attackers Are On-Site](https://data.hackinn.com/ppt/SansSummit2019/Security%20Operations%20Summit/The%20Call%20Is%20Coming%20from%20Inside%20the%20House-%20How%20Does%20Your%20SOC%20Respond%20When%20Attackers%20Are%20On-Site.pdf) #### 7、[How to Disrupt an Advanced Cyber Adversary](https://data.hackinn.com/ppt/SansSummit2019/Security%20Operations%20Summit/How%20to%20Disrupt%20an%20Advanced%20Cyber%20Adversary.pdf) #### 8、[How to Literally Think Like an Attacker to Become a Better Defender](https://data.hackinn.com/ppt/SansSummit2019/Security%20Operations%20Summit/How%20to%20Literally%20Think%20Like%20an%20Attacker%20to%20Become%20a%20Better%20Defender.pdf) #### 9、[Arming SecOps with a Special Forces Targeting Process](https://data.hackinn.com/ppt/SansSummit2019/Security%20Operations%20Summit/Arming%20SecOps%20with%20a%20Special%20Forces%20Targeting%20Process.pdf) #### 10、[Lessons Learned Applying ATT&CK-Based SOC Assessments](https://data.hackinn.com/ppt/SansSummit2019/Security%20Operations%20Summit/Lessons%20Learned%20Applying%20ATT&CK-Based%20SOC%20Assessments.pdf) #### 11、[Virtuous Cycles:Rethinking the SOC for Long-Term Success](https://data.hackinn.com/ppt/SansSummit2019/Security%20Operations%20Summit/Virtuous%20Cycles:Rethinking%20the%20SOC%20for%20Long-Term%20Success.pdf) #### 12、[A SOC Technology Tools Taxonomy - And Some Uses for It](https://data.hackinn.com/ppt/SansSummit2019/Security%20Operations%20Summit/A%20SOC%20Technology%20Tools%20Taxonomy%20-%20And%20Some%20Uses%20for%20It.pdf) #### 13、[2019 SANS SOC Survey Preview- Live Simulcast](https://data.hackinn.com/ppt/SansSummit2019/Security%20Operations%20Summit/2019%20SANS%20SOC%20Survey%20Preview-%20Live%20Simulcast.pdf) #### 14、[Shared Security Services:How to Adjust to an Ever-growing Landscape of Security Operations Center Responsibilities](https://data.hackinn.com/ppt/SansSummit2019/Security%20Operations%20Summit/Shared%20Security%20Services:How%20to%20Adjust%20to%20an%20Ever-growing%20Landscape%20of%20Security%20Operations%20Center%20Responsibilities.pdf) ### Blue Team Summit #### 1、[Network Flow Data:A Cornucopia of Value](https://data.hackinn.com/ppt/SansSummit2019/Blue%20Team%20Summit/Network%20Flow%20Data:A%20Cornucopia%20of%20Value.pdf) #### 2、[Mental Models for Effective Searching](https://data.hackinn.com/ppt/SansSummit2019/Blue%20Team%20Summit/Mental%20Models%20for%20Effective%20Searching.pdf) #### 3、[Forgotten But Not Gone:Gathering NTFS Artifacts of Deletion](https://data.hackinn.com/ppt/SansSummit2019/Blue%20Team%20Summit/Forgotten%20But%20Not%20Gone:Gathering%20NTFS%20Artifacts%20of%20Deletion.pdf) #### 4、[OSINT:Not Just Offensive](https://data.hackinn.com/ppt/SansSummit2019/Blue%20Team%20Summit/OSINT:Not%20Just%20Offensive.pdf) #### 5、[Threat Hunting via Sysmon](https://data.hackinn.com/ppt/SansSummit2019/Blue%20Team%20Summit/Threat%20Hunting%20via%20Sysmon.pdf) #### 6、[Statically Analyzing Infrastructure as Code](https://data.hackinn.com/ppt/SansSummit2019/Blue%20Team%20Summit/Statically%20Analyzing%20Infrastructure%20as%20Code.pdf) #### 7、[To Blue with ATT&CK-Flavored Love](https://data.hackinn.com/ppt/SansSummit2019/Blue%20Team%20Summit/To%20Blue%20with%20ATT&CK-Flavored%20Love.pdf) #### 8、[Azure AD Security Recommendations and the Customer Stories That Prove It](https://data.hackinn.com/ppt/SansSummit2019/Blue%20Team%20Summit/Azure%20AD%20Security%20Recommendations%20and%20the%20Customer%20Stories%20That%20Prove%20It.pdf) #### 9、[Suspiciously Inconspicuous](https://data.hackinn.com/ppt/SansSummit2019/Blue%20Team%20Summit/Suspiciously%20Inconspicuous.pdf) #### 10、[Relentless Team Building](https://data.hackinn.com/ppt/SansSummit2019/Blue%20Team%20Summit/Relentless%20Team%20Building.pdf) #### 11、[Zero-Trust Networks:The Future Is Here](https://data.hackinn.com/ppt/SansSummit2019/Blue%20Team%20Summit/Zero-Trust%20Networks:The%20Future%20Is%20Here.pdf) #### 12、[One Phish,Two Phish,Red Phish,Green Phish](https://data.hackinn.com/ppt/SansSummit2019/Blue%20Team%20Summit/One%20Phish,Two%20Phish,Red%20Phish,Green%20Phish.pdf) #### 13、[Using Statistical Analysis to Reduce Noise and Improve Efficacy](https://data.hackinn.com/ppt/SansSummit2019/Blue%20Team%20Summit/Using%20Statistical%20Analysis%20to%20Reduce%20Noise%20and%20Improve%20Efficacy.pdf) #### 14、[Skill Sharpening at the CyberRange:Developing the Next-Generation Blue Team](https://data.hackinn.com/ppt/SansSummit2019/Blue%20Team%20Summit/Skill%20Sharpening%20at%20the%20CyberRange:Developing%20the%20Next-Generation%20Blue%20Team.pdf) #### 15、[Seriously,I Can Still See You](https://data.hackinn.com/ppt/SansSummit2019/Blue%20Team%20Summit/Seriously,I%20Can%20Still%20See%20You.pdf) ### ICS Security Summit #### 1、[Creating a Security Metrics Program:How to Measure Programmatic Success](https://data.hackinn.com/ppt/SansSummit2019/ICS%20Security%20Summit/Creating%20a%20Security%20Metrics%20Program:How%20to%20Measure%20Programmatic%20Success.pdf) #### 2、[Gaining Endpoint Log Visibility in ICS Environments](https://data.hackinn.com/ppt/SansSummit2019/ICS%20Security%20Summit/Gaining%20Endpoint%20Log%20Visibility%20in%20ICS%20Environments.pdf) #### 3、[Introducing a VITAL New Concept for ICS Cybersecurity Programs](https://data.hackinn.com/ppt/SansSummit2019/ICS%20Security%20Summit/Introducing%20a%20VITAL%20New%20Concept%20for%20ICS%20Cybersecurity%20Programs.pdf) #### 4、[Evolution of ICS Attacks:From BlackEnergy3 to TRISIS](https://data.hackinn.com/ppt/SansSummit2019/ICS%20Security%20Summit/Evolution%20of%20ICS%20Attacks:From%20BlackEnergy3%20to%20TRISIS.pdf) #### 5、[CES-21 Technology Achievements:Grid Security and Cyber Automation](https://data.hackinn.com/ppt/SansSummit2019/ICS%20Security%20Summit/CES-21%20Technology%20Achievements:Grid%20Security%20and%20Cyber%20Automation.pdf) #### 6、[ICS Risk Management Approaches:Vulnerability versus Threat versus Engineering, and What Works Best for You](https://data.hackinn.com/ppt/SansSummit2019/ICS%20Security%20Summit/ICS%20Risk%20Management%20Approaches:Vulnerability%20versus%20Threat%20versus%20Engineering,%20and%20What%20Works%20Best%20for%20You.pdf) #### 7、[Assumed Breach Assessments:Using You Against You](https://data.hackinn.com/ppt/SansSummit2019/ICS%20Security%20Summit/Assumed%20Breach%20Assessments:Using%20You%20Against%20You.pdf) #### 8、[Intersection of Data Breach Notification and Critical Infrastructure Protection](https://data.hackinn.com/ppt/SansSummit2019/ICS%20Security%20Summit/Intersection%20of%20Data%20Breach%20Notification%20and%20Critical%20Infrastructure%20Protection.pdf) #### 9、[Preventing Your Physical Access Control System from Being Used Against You](https://data.hackinn.com/ppt/SansSummit2019/ICS%20Security%20Summit/Preventing%20Your%20Physical%20Access%20Control%20System%20from%20Being%20Used%20Against%20You.pdf) #### 10、[Still Bailing Water Out of the OT Boat Two Years Later](https://data.hackinn.com/ppt/SansSummit2019/ICS%20Security%20Summit/Still%20Bailing%20Water%20Out%20of%20the%20OT%20Boat%20Two%20Years%20Later.pdf) #### 11、[Securing the Distribution Grid:The State Regulatory Perspective](https://data.hackinn.com/ppt/SansSummit2019/ICS%20Security%20Summit/Securing%20the%20Distribution%20Grid:The%20State%20Regulatory%20Perspective.pdf) #### 12、[Scanners,Tunnels,and Sims,Oh My](https://data.hackinn.com/ppt/SansSummit2019/ICS%20Security%20Summit/Scanners,Tunnels,and%20Sims,Oh%20My.pdf) #### 13、[Demo:How Common Network Misconfigurations Impact ICS Reliability and Security](https://data.hackinn.com/ppt/SansSummit2019/ICS%20Security%20Summit/Demo:How%20Common%20Network%20Misconfigurations%20Impact%20ICS%20Reliability%20and%20Security.pdf) #### 14、[Gaining Buy-in and Resources to Manage Cybersecurity Risk in OT Environments](https://data.hackinn.com/ppt/SansSummit2019/ICS%20Security%20Summit/Gaining%20Buy-in%20and%20Resources%20to%20Manage%20Cybersecurity%20Risk%20in%20OT%20Environments.pdf) #### 15、[Practical Solutions to Supply Chain Attacks](https://data.hackinn.com/ppt/SansSummit2019/ICS%20Security%20Summit/Practical%20Solutions%20to%20Supply%20Chain%20Attacks.pdf) ### Enterprise Defense Summit #### 1、[LOLBin Detection Methods:7 Common Attacks Revealed](https://data.hackinn.com/ppt/SansSummit2019/Enterprise%20Defense%20Summit/LOLBin%20Detection%20Methods:7%20Common%20Attacks%20Revealed.pdf) #### 2、[Analyst Unknown Cyber Range:A Standardized Open Source Web Framework](https://data.hackinn.com/ppt/SansSummit2019/Enterprise%20Defense%20Summit/Analyst%20Unknown%20Cyber%20Range:A%20Standardized%20Open%20Source%20Web%20Framework.pdf) #### 3、[Sky-High Incident Response at Cloud Scale](https://data.hackinn.com/ppt/SansSummit2019/Enterprise%20Defense%20Summit/Sky-High%20Incident%20Response%20at%20Cloud%20Scale.pdf) #### 4、[Legacy Authentication and Password Spray,Understanding and Stopping Attackers Favorite TTPs in Azure AD](https://data.hackinn.com/ppt/SansSummit2019/Enterprise%20Defense%20Summit/Legacy%20Authentication%20and%20Password%20Spray,Understanding%20and%20Stopping%20Attackers%20Favorite%20TTPs%20in%20Azure%20AD.pdf) #### 5、[Creating Incident Response Playbooks](https://data.hackinn.com/ppt/SansSummit2019/Enterprise%20Defense%20Summit/Creating%20Incident%20Response%20Playbooks.pdf) #### 6、[The Offensive Defender:Cyberspace Trapping](https://data.hackinn.com/ppt/SansSummit2019/Enterprise%20Defense%20Summit/The%20Offensive%20Defender:Cyberspace%20Trapping.pdf) #### 7、[Finding Evil with Skadi](https://data.hackinn.com/ppt/SansSummit2019/Enterprise%20Defense%20Summit/Finding%20Evil%20with%20Skadi.pdf) #### 8、[Realigning from Chaotic Evil](https://data.hackinn.com/ppt/SansSummit2019/Enterprise%20Defense%20Summit/Realigning%20from%20Chaotic%20Evil.pdf) #### 9、[Five Mistakes We Wish Users Would Stop Making](https://data.hackinn.com/ppt/SansSummit2019/Enterprise%20Defense%20Summit/Five%20Mistakes%20We%20Wish%20Users%20Would%20Stop%20Making.pdf) #### 10、[Hide and Seek:Where Your Business Does Business](https://data.hackinn.com/ppt/SansSummit2019/Enterprise%20Defense%20Summit/Hide%20and%20Seek:Where%20Your%20Business%20Does%20Business.pdf) #### 11、[Rapid Recognition and Response to Rogues](https://data.hackinn.com/ppt/SansSummit2019/Enterprise%20Defense%20Summit/Rapid%20Recognition%20and%20Response%20to%20Rogues.pdf) #### 12、[Do-It-Yourself ATT&CK Evaluations to Improve YOUR Security Posture](https://data.hackinn.com/ppt/SansSummit2019/Enterprise%20Defense%20Summit/Do-It-Yourself%20ATT&CK%20Evaluations%20to%20Improve%20YOUR%20Security%20Posture.pdf) #### 13、[The Best of Both Worlds:Blending Tactics from the Public and Private Sectors](https://data.hackinn.com/ppt/SansSummit2019/Enterprise%20Defense%20Summit/The%20Best%20of%20Both%20Worlds:Blending%20Tactics%20from%20the%20Public%20and%20Private%20Sectors.pdf) #### 14、[Assumed Breach:A Better Model for Penetration Testing](https://data.hackinn.com/ppt/SansSummit2019/Enterprise%20Defense%20Summit/Assumed%20Breach:A%20Better%20Model%20for%20Penetration%20Testing.pdf) #### 15、[Finding a Domain’s Worth of Malware](https://data.hackinn.com/ppt/SansSummit2019/Enterprise%20Defense%20Summit/Finding%20a%20Domain’s%20Worth%20of%20Malware.pdf) #### 16、[Practical Detection Engineering at Scale](https://data.hackinn.com/ppt/SansSummit2019/Enterprise%20Defense%20Summit/Practical%20Detection%20Engineering%20at%20Scale.pdf) <!--weixin_end--> > 版权归大会主办方SANS(https://www.sans.org/) 以及议题演讲者所以,本站不以任何形式保留版权,若有相关问题请在下方留言或者给我们发送邮件:` àdmîn § hackînn.côm` 标签: none