This session aims to explain the detection of Active Directory red-teaming operations using MITRE ATT&CK and open-source solutions (the ELK Stack). During the session, we will demonstrate real-world attacks used by adversaries against Active Directory environments and show how we can track and detect them using ELK Stack queries.
Mohammad Khreesha is a Cybersecurity Consultant, Manager, YouTuber, blogger, and public speaker from Jordan with 15+ years of experience in IT, especially in Security. He is the OWASP Amman Chapter Leader and founder of the technawi blog, and founder of JISCTF, the first CTF in Jordan, with 150+ yearly participants. His research interests are in digital forensics, malware analysis, web & network security, Threat Hunting, and their integration with AI. He has a YouTube channel in which he publishes training courses and tips in the Cybersecurity field to feed the Arabic content on the internet. Mohammad holds the following technical certificates: CEH, CHFI, ECSA, LPT Master, CRTP, OSCP, eCPPT, eCPTXv2, eWPT, eWPTXv2, ISO 27001 LI, eCDFP & eMAPT. He has an MSc in Cyber Security from the University of Bedfordshire.