Start covering your bases & Stop chasing APT headlines - Avishay Zawoznik - NDC Security 2025

This talk was recorded at NDC Security in Oslo, Norway. #ndcsecurity #ndcconferences #security #developer #softwaredeveloper Attend the next NDC conference near you: https://ndcconferences.com https://ndc-security.com/ Subscribe to our YouTube channel and learn every day: @NDC Follow our Social Media! https://www.facebook.com/ndcconferences https://twitter.com/NDC_Conferences https://www.instagram.com/ndc_conferences #cloud #security #hacker #cybersecurity Cognitive biases affect us in many ways, even in cyber security: we often focus on the recent technical buzz or address a new sensational hacking campaign that was discovered. But the fact of the matter is that network breaches and ransom attacks that happen every day, are by large executed using well-known techniques, tools and procedures. This is why we are presenting a “run-of-the-mill” simulation of a full network breach, from initial access, to discovery, lateral movement and finally exfiltration. Based on public DFIR reports, MITRE’s ATT&CK framework and common hacking tradecraft as covered by atomic red-team tests, we demonstrate how attackers execute such attacks, without the need for tailor-made and sophisticated tools or techniques. In addition to showing the recorded simulation, we’ll discuss the importance of defense-in-depth and how you should place multiple different tripwires to stop network breaches. In particular, the significant role that network controls and detections can play in such cases.