12. Jonas Bülow Knudsen and Andy Robbins: Analyzing and Executing ADCS Attack Paths with BloodHound
ADCS attack paths are finally in BloodHound. In this session, the presenters will give attackers and defenders everything they need in order to easily execute and practically remediate the attack paths that emerge from this complex system.
Active Directory Certificate Services (ADCS) is Microsoft’s native PKI solution, used by many organizations to facilitate smart card authentication, TLS certificate issuance and verification, code signing, and other tasks. ADCS is a complicated system with many moving parts and possible configurations, out of which privilege escalation opportunities often emerge. Discovering those opportunities by hand is a tedious, time-consuming, and error-prone process.
In this talk, they will explain and demonstrate how BloodHound dramatically simplifies the discovery, analysis, and execution of attack paths traversing ADCS objects. They will show how with just a few clicks, BloodHound reveals these attack paths in seconds that would otherwise take hours or even days to discover by hand. They will demonstrate how attackers execute these attack paths as well as using common tooling such as Rubeus and Certify.
They will also discuss practical, reliable remediation strategies that defenders can use to greatly mitigate the risks created by attack paths in ADCS. Due to the complexity of this system, there is no “one size fits all” solution to any particular ADCS attack path, so they will share their lessons from the field in helping organizations mitigate and eliminate those attack paths without causing any business disruption.
Смотрите видео 12. Jonas Bülow Knudsen and Andy Robbins: Analyzing and Executing ADCS Attack Paths with BloodHound онлайн без регистрации, длительностью часов минут секунд в хорошем качестве. Это видео добавил пользователь x33fcon 14 Июль 2024, не забудьте поделиться им ссылкой с друзьями и знакомыми, на нашем сайте его посмотрели 354 раз и оно понравилось 10 людям.