Cyber Attack Workshop

Hacker Snacks: Those Cookies Will Go Straight to Your SaaS 🍪

Wednesday, October 20th | 11:00 am ET

Watch our hacker compromise one user and gain persistent access to many SaaS apps.

We'll use a reverse HTTP tunnel to evade common detections, steal cookies and credentials, and make AWS, GitHub, and Salesforce data publicly accessible!

Learn how SaaS authentication works, watch the attack unfold, and see how DatAdvantage Cloud spots suspicious activity.

It'll be recorded. So if you can't make it, register and we'll send you the replay.

+1 CPE

Register Now

Here’s a High-Level Overview of How this Attack Plays Out:

An attacker targets a user through a phishing email to establish a C2 channel
Uses homemade script to dump all credentials and cookies from the user’s browser
Sets up a reverse tunnel to bypass geohopping and network-based alerts
Bypasses MFA using stored cookies and token from the user
Shares out SaaS repositories to be used in the future without detection
Sets up API access in Salesforce to siphon vital company information

After we walk through the attack our team will use DatAdvantage Cloud to investigate what alerts would have been triggered during attack and how this could be easily mitigated with the appropriate visibility.

Mason Takacs Senior Engineer, Varonis

Mason Takacs is a Senior Sales Engineer out of Columbus, Ohio. He has been with Varonis for a couple years now and in the IT industry for over a decade. He is most commonly found working with strategic enterprise accounts and helping to lead the SE community in North America as part of the Varonis SE Council.

All attendees will have a chance to win a $250 gift card of their choice! A few of the exciting choices include, but are not limited to...

“The level of governance and insight provided by Varonis empowered our team to detect and respond to abnormalities as well as user activity and misconfigurations.”

Al Faella, CTO, Prospect Capital Management

Want to see Varonis in action?