00:00 - Introduction
01:22 - The Scenario
02:50 - First Steps
03:48 - Endpoint Analysis Roll
04:22 - Logon Scripts Were installed
05:09 - I.R. Team Introductions
07:17 - Second Step
10:32 - Network Threat Hunting Roll
11:36 - Third Step
15:12 - Anyway Here’s Firewall Roll
15:43 - Fourth Step
18:26 - SIEM Roll
19:41 - Fifth Step
20:47 - UEBA Roll
21:19 - Senario Recap
22:20 - Senario Plausibility?
25:51 - Wrap-up Takeaways