2025-09-26, Murray-Fitzroy Room
This is a fast-paced workshop that provides a deep dive into Windows Active Directory (AD), focused specifically on what security professionals need to know. In this workshop, we will cover Active Directory security and take a deep dive into some of the Kerberos attacks. The workshop is divided into two parts: the first is an introduction to Active Directory in general, Active Directory accounts and groups, and the Windows access control model. The second part focuses on Kerberos and attacks targeting Kerberos.
This workshop is not focused on a specific tool. It covers attack techniques used by threat actors in Active Directory and how defenders can detect and defend against them.
Student laptop (newer CPU and minimum 16 GB RAM suggested), VMware, Wifi. Students will be provided instructions beforehand to set up the lab and run scripts to configure the environment.
Anurag is a Director with the CrowdStrike Digital Forensics and Incident Response (DFIR) team, where he leads the team in Asia Pacific. His team works on several incident response investigations that involve nation state and eCrime adversaries every year.
He has led several high-profile investigations over the years involving nation state threat actors, investigating threat actor activity, scoping the incidents, creating and executing eviction plans and helping organisations improve detection capabilities. His work has led to detection and tracking of previously unknown threat actor groups and malware.
He has also been involved in eCrime incident response investigations, often getting into knife fights with adversaries, during dynamic threat actor activity.
Anurag is a SANS Certified Instructor where he teaches SEC504: Hacker Tools, Techniques, and Incident Handling.