Cyber Attack Simulation: Those Cookies Will Go Straight to Your SaaS

Watch our hacker compromise one user and gain persistent access to many SaaS apps.

We'll use a reverse HTTP tunnel to evade common detections, steal cookies and credentials, and make AWS, GitHub, and Salesforce data publicly accessible!

Learn how SaaS authentication works, watch the attack unfold, and see how DatAdvantage Cloud spots suspicious activity.

Here’s a High-Level Overview of How this Attack Plays Out:

• An attacker targets a user through a phishing email to establish a C2 channel
• Uses homemade script to dump all credentials and cookies from the user’s browser
• Sets up a reverse tunnel to bypass geohopping and network-based alerts
• Bypasses MFA using stored cookies and token from the user
• Shares out SaaS repositories to be used in the future without detection
• Sets up API access in Salesforce to siphon vital company information

All attendees are eligible for CPE credit and the first 100 people to register will be entered to win a $250 gift card during the session! (You must attend the session to win)