Graphs are Hard - John Hopper & Rohan Vazarkar [SO-CON 2024]
Вставка
- Опубліковано 5 вер 2024
- Security domains like Microsoft Entra, Active Directory, AWS IAM and others are highly complex and difficult to examine. BloodHound is a tool that utilizes graph constructs to make these domains easier to reason with to shorten time to discovery of interesting attack vectors. Throughout SpecterOps' journey in producing BloodHound with a focus on Attack Path Management there have been many engineering hurdles that we have had to overcome. This talk dissects several of the problems encountered and the engineering solutions employed to solve them.
![The BloodHound Enterprise State of Attack Path Management - Justin Kohler [SO-CON 2024]](http://i.ytimg.com/vi/mm5LU3cX6IU/mqdefault.jpg)
![The BloodHound Enterprise State of Attack Path Management - Justin Kohler [SO-CON 2024]](/img/tr.png)
![Misconfiguration Manager: Overlooked and Overprivileged- Duane Michael & Chris Thompson[SO-CON 2024]](http://i.ytimg.com/vi/nvaOszFzXCQ/mqdefault.jpg)
![Domain Persistence: Detection, Triage, and Recovery - Josh Prager & Nico Shyne [SO-CON 2024]](http://i.ytimg.com/vi/1DseeBdRU3U/mqdefault.jpg)
