Deconstructing & Deterring SolarWinds Attack: Golden SAML Attack Technique


Details
Each passing day brings fresh revelations about the SolarWinds attack. Supply chain attacks are not new to us, yet they remain fiendishly difficult to defend against.
With the attack's far-reaching impact, many are asking: what happened? How can I deter such attacks in future?
In this meetup, we will examine the SolarWinds kill chain and the attacker Tactics, Techniques and Procedures (TTPs), and in particular explore how the Golden SAML attack played a crucial role. Finally, we will quickly look at how to detect post-compromise threat activity, how to remediate, and some ways of minimising supply chain attacks.
Speaker: Nathan Aw
Working in the financial services industry (FSI) as a cloud-native, microservices and DevSecOps developer/architect with a particular interest in countering ever-evolving emerging threats, Nathan Aw spends his time tinkering with code and making it secure regardless of where it is deployed: on premise or multi-cloud. A firm believer in and practitioner of a holistic cyber risk management paradigm, he believes that an identity-based, zero-trust security paradigm is the only way forward in an increasingly multi-cloud, hybrid cloud environment.
