Attackers don’t have to “hack in” using zero-day vulnerabilities. Often, attackers log in by chaining together misconfigurations, dangerous product defaults, and exploitable vulnerabilities to harvest and reuse credentials.
This session will discuss five real-world attacks that enabled Horizon3.ai to become domain administrator, gain access to sensitive data, take over cloud VPCs, and compromise critical business systems. In most instances no security alerts were triggered despite having state-of-the-art security tools in place. Attendees will learn how they can find, fix, and verify the remediation of exploitable attack paths so they can proactively harden their network.
