Open Threat Research - The Hunt for Red Apples: How to threat hunt and emulate Ocean Lotus on macOS скачать в хорошем качестве

Open Threat Research - The Hunt for Red Apples: How to threat hunt and emulate Ocean Lotus on macOS

Open Threat Research (OTR) is a community movement that brings together passionate security researchers from different backgrounds and levels of expertise that have a goal in common to collaborate, share, and contribute to open source initiatives! A group of researchers got together to develop a new project: "The Hunt For Red" Threat Hunt Workshop Series. To kick off the series we concentrated on MacOs and emulated a known adversary: Ocean Lotus. In this talk we will share the ups and downs of emulating an adversary, our approach and methodology. Leveraging the Attack Life Cycle and Mitre ATT&CK framework we will share threat hunting queries and detection ideas for each stage we emulated. Finally, after the session, we will unveil and open source the final project. Carlos R, Threat Hunting Operations Lead, Yahoo -   / plugxor   Ben Bornholm, DART Engineer, Dropbox -   / cptofevilminion   View upcoming Summits: http://www.sans.org/u/DuS Download the presentation slides (SANS account required) at https://www.sans.org/u/1iaE #ThreatHuntingSummit #OceanLotus