Lead Security Threat Researcher at Cisco Umbrella
- Beginners and Intermediate
Threat Investigation – A drama in four acts
2-3 December 2020 | Online
Cyber attacks are often talked about, but what we hear and see are the damage and the loss of data. The fact remains that no one really breaks down the attack and narrates “how it happened”. This bootcamp aims to solve 4 real cyber attacks. The evidence of the cyber attacks will be timelines of events, malware file evidence, log evidence, string or pattern evidence on the internet, behavioural evidence of malware and evidence from network packet captures. The goal of the participants will be to use tools, mind and instincts to solve these crimes. Participants will perform threat hunting, fit the hunted threats into the MITRE framework, dissect a real malicious pcap to look for patterns, perform basic malware analysis on real malware and finally do memory forensics on an advanced malware that evades traditional analysis methods.
Duration: 2 x 4 hours (9:00 – 13:00) including 15-minute breaks
Number of attendees: Up to 25 attendees