Konstantin Evdokimov

Researcher/pentester/redteam, M-13

About speaker

Researcher, pentester, RedTeam expert at M-13, LLC.
I am engaged in information security for more than 15 years.
I have extensive experience in security studies of various information systems.
During my career, I worked in both Defensive and Offensive areas.
Doing my best to make the world more secure.
June 18
16:00 — 16:30
Second Track
In the course of RedTeam campaigns, specialists have to constantly face protection controls in the Customer’s organization, which, by the way, are becoming more sophisticated. In a modern enterprise network, one antivirus and security web gateway won’t surprise anyone, even if it’s Kaspersky with FireEYE. An increasingly common is symbiosis of security solutions with modern SIEM and Threat Intelligence systems, which significantly complicates the work of RedTeam specialists. One such solution from Microsoft, namely MS ATA, will be discussed in the report. Let us examine what it is and how its «features» help to fight it (bypass it) in a RedTeam campaign.