Joshua Prager Managing Consultant, SpecterOps Inc.
Josh Prager has over 13 years’ experience focusing on DoD red team infrastructure, cyber threat emulation and threat hunting. As a former threat hunter in the Federal industry, he provided various cyber threat emulation and threat hunting assessments throughout DOD environments. As a principal consultant at SpecterOps, he guides clients in developing the maturity of their detection and response programs, building their detection engineering capabilities, and ensuring detective and preventive coverage of offensive techniques.
Talk: Mapping Deception Solutions with BloodHound OpenGraph
Talks will be streamed on YouTube and Twitch for free.
Abstract: Traditional defensive measures alone are proving insufficient against determined adversaries. This talk introduces a systematic approach to implementing effective deception solutions by using BloodHound's OpenGraph framework to map and deploy deceptive attack paths across AD and third-party enterprise technologies.
This talk moves beyond basic honeypots and canary tokens. This presentation demonstrates how to build discoverable deceptions that actually entice attackers. We'll explore how understanding existing attack paths in your environment is crucial to creating believable deceptions that adversaries will naturally encounter and attempt to exploit.
Key Topics Covered: - Attack Path-Driven Deception Design: Using attack path analysis to identify optimal deception placement points and create realistic adversary scenarios - OpenGraph for Deception Mapping: Extending beyond Active Directory to model deceptive attack paths across Git repositories, configuration management systems, and cloud services - Practical Implementation Examples: Live demonstrations including AD CS deception using Certiception, repo-based deceptions with GitHound, infrastructure deceptions through AnsibleHound and SCCMHound