Web shell attack deep dive
Рет қаралды 8,951
3 жыл бұрынWeb shell attacks are on the rise worldwide. Join this session with Microsoft Security Research to investigate a real-world web shell attack, and how Threat Protection security solutions from Microsoft detect and respond to it.
► Subscribe to Microsoft Security on KZbin here: aka.ms/SubscribeMicrosoftSecu...
► Follow us on social:
LinkedIn: / microsoft-security
Twitter: / msftsecurity
► For more about Microsoft Security: msft.it/6002T9HQY
#MicrosoftSecurity #Ignite
@cam1495 2 жыл бұрын
This is a great video and has made me a little excited to use this program in the future. Thank you
@w.j.terrell9831 3 жыл бұрын
It looks like you've blocked the webshell attacker's IP in this video, correct? But, if they just use a different IP, they can get right back in again, can't they? How do you actually remove the webshell and keep them from coming back, and can you identify how they got in to begin with so you can close up any holes? I've been looking all over the web for a solution to our problem but haven't found much useful information. :(
@MicrosoftSecurity 3 жыл бұрын
Thanks for your interest in using Azure Sentinel to investigate web shell attacks. Web shell attacks can be complex and each unfolding incident is different. If you need bespoke support investigating an incident, you will need to contact your Incident Response Partner in accordance with your organization's Incident Response Process. We have a blog that accompanied this demo. You may find more information to help there as it covers some ways to find the attacker. techcommunity.microsoft.com/t5/azure-sentinel/web-shell-threat-hunting-with-azure-sentinel-and-microsoft/ba-p/1448065
SANS Digital Forensics and Incident Response
Рет қаралды 9 М.
Microsoft Security
Рет қаралды 13 М.
Microsoft Security
Рет қаралды 12 М.
Jesse Campos - Chef Secure
Рет қаралды 406 М.
Null Byte
Рет қаралды 311 М.
lev89k
Рет қаралды 2,7 МЛН
Aman Soni Official
Рет қаралды 8 МЛН