Sh!t we got compromised. A session on monitoring and remediation using Microsoft 365 Defender.
"Its 3 am in the night, and your phone is going crazy. Incidents are coming and in you see that a Command and Control beacon is active.
No time to get coffee, start your incident response adventure using the Microsoft security stack.
In this session, we will share how a series of events led to a full compromise of a domain.
- What were the security misconfigurations which led to the compromise?
- How the attack was discovered and investigated using Microsoft Security tools
- How the incident was contained and fully shut down.
This is a practical session sharing a real-world scenario of an attack. Focusing on both the misconfigurations and must-do's, and how Microsoft Defender helped us during the investigation."
Time: 13:00 - 13:50
Location- Dexter 25-28
Track- Microsoft 365