Detecting Attacks with "Advanced Threat Analytics"
SECURE YOUR ENTERPRISE
Microsoft Advanced Threat Analytics
WHAT IS CYBERCRIME?
2016 - SBA Research gGmbH
Cybercrime is…
…Money
€ 57 Billion
Damage due to cybercrime in the EU
10.000
Criminal complaints / year in Austria
$ 500 Billion
Estimated cybercrime damage worldwide
Cybercrime is…
…Business
Cybercrime is…
…Sophisticated
Source: Mandiant M-Trends Report 2016
ADVANCED ATTACKS NEED ADVANCED DEFENSES
Microsoft Advanced Threat Analytics (ATA)
Threat Analytics in a Nutshell
Threat Analytics detects…
How it works
Reconnaissance
Password Guessing
The Archenemy of Windows
Pass-the-Hash
• Attacker uses stolen password hash to target clients
• Search until higher privileged account is found
• Compromise other systems or whole infrastructure
Kerberos Pass-the-Ticket
DEMOS
Detecting Zone Transfers, Failed OWA Logins, and Pass-The-Ticket Attacks