DFSP # 411 - NTLM Credential Validation

DFSP # 411 - NTLM Credential Validation

This week I'm talking about detecting evidence of lateral movement on Window systems using NTLM credential validation events. Much like the episode I did on Kerberos, NTLM events offer the same advantage of being concentrated on domain controllers, which allows you, as the analyst, leverage a great resource for user account analysis. I will have the background, artifact breakdown, and triage strategy coming up right after this…..

Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(498)

Populært innen Vitenskap

fastlegen
tingenes-tilstand
jss
liberal-halvtime
rekommandert
forskningno
villmarksliv
sinnsyn
tomprat-med-gunnar-tjomlid
rss-kunstig-intelligens-med-elisabeth-maren-og-morten
fjellsportpodden
rss-rekommandert
vett-og-vitenskap-med-gaute-einevoll
dekodet-2
rss-nysgjerrige-norge
smart-forklart
nevropodden
diagnose
rss-paradigmepodden
abels-tarn