{"type":"rich","version":"1.0","provider_name":"Transistor","provider_url":"https://transistor.fm","author_name":"Talkin' Bout [Infosec] News","title":"Webcast: Let’s Talk About ELK Baby, Let’s Talk About You and AD","html":"<iframe width=\"100%\" height=\"180\" frameborder=\"no\" scrolling=\"no\" seamless src=\"https://share.transistor.fm/e/24c5eadd\"></iframe>","width":"100%","height":180,"duration":3492,"description":"BHIS’ Defensery Driven Duo Delivers Another Delectable Transmission! \n\n\n\nWe know you are worried about your networks. After hours of discussion, we’ve come to the realization that some of our dedicated followers seem to be much more interested in catching malware than learning how to be (please forgive this next statement) “l33t hax0rs.”  \n\n\n\nDownload slides:  https://www.activecountermeasures.com/presentations/  \n\n\n\n2:47 – Why Are We Doing This? \n\n\n\n5:07 – AT7: The Logs You Are Looking For \n\n\n\n7:41 – AD Best Practices to Frustrate Attackers \n\n\n\n9:37 – AT 5 – Complete Takedown & AT 6 – IOCs \n\n\n\n12:04 – Blue Team-A-Palooza \n\n\n\n14:22 – Windows Logging, Sysmon, and ELK – Part 1 \n\n\n\n16:45 – Implementing Sysmon and Applocker \n\n\n\n21:45 – …And Group Policies That Kill Kill-Chains  \n\n\n\n22:31 – Here Are Some Important Blogs \n\n\n\n23:35 – Summary Complete \n\n\n\n25:28 – Introducing the Atomic Red Team \n\n\n\n27:50 – Installing the Atomic Framework \n\n\n\n29:29 – Squibbly Doo; The Results; Let’s Take A Step Back: The Atomic Tests; Another Step Back: WEF / Winlogbeat Config \n\n\n\n33:41 – Executing T1015; Catching Executables; Executin...","thumbnail_url":"https://img.transistorcdn.com/WPYM9pq_SRUcywHv9tdgpsGLyLx04W2rDmzktvAcD4Y/rs:fill:0:0:1/w:400/h:400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS8xZTA1/ZWZhNDcxZGM4ZTFj/ZGJhMTMwNmYzMmJj/ZjBkNi5wbmc.webp","thumbnail_width":300,"thumbnail_height":300}