Sh!t we got compromised. A session on monitoring and remediation using Microsoft 365 Defender.
"Its 3 am in the night, and your phone is going crazy. Incidents are coming and in you see that a Command and Control beacon is active. No time to get coffee, start your incident response adventure using the Microsoft security stack. In this session, we will share how a series of events led to a full compromise of a domain. - What were the security misconfigurations which led to the compromise? - How the attack was discovered and investigated using Microsoft Security tools - How the incident was contained and fully shut down. This is a practical session sharing a real-world scenario of an attack. Focusing on both the misconfigurations and must-do's, and how Microsoft Defender helped us during the investigation." Time: 13:00 - 13:50
Location- Dexter 25-28
Track- Microsoft 365