Based on a compromised employee workstation scenario, we’ll discuss how to conduct an effective DFIR investigation within enterprise environments, following the incident response lifecycle. We’ll discuss triage and containment considerations, as well as elaborate on best practices for performing effective data collections and forensic analysis. To wrap up, we will discuss critical remediations and post-incident activities that should be taken into account.
As cyber security defenders and investigators, we often only get to analyze an environment after the ransomware has executed, working our way back in time to understand the scope and initial infection vectors of the breach. However, knowing how attackers operate and understanding their tools can help tremendously in conducting a more effective analysis and response, and ultimately in lowering the impact of such attacks. This is why in this workshop we will teach you how to perform the common steps of every phase in a ransomware attack scenario as the attacker, from initial infection to impact.
Hey folks! Are you ready for another Anti-Cast? “Strengthening Your Blue Teaming Skills: Thinking Like an Attacker,” with Markus Schober, is this Wednesday, June 28th at 12 p.m. EDT!
This webcast will explore the vast number of challenges faced by blue teamers and how they can stay ahead of the curve. Through a ransomware attack example, we’ll discuss the broad range of skills and knowledge needed to respond effectively to advanced threats. We’ll elaborate on how thinking like an attacker and employing a purple teaming approach for skills development has proven to be the best defense for many blue teamers. The session will conclude with a Q&A portion to provide answers on what blue teamers need to upskill in and how.