
Advanced Endpoint Investigations w/ Alissa Torres
August 30 @ 12:00 pm - 4:00 pm
An event every day that begins at 12:00 pm, repeating until September 1, 2022
For most security teams, high operational tempo (measured in dumpster fire lumens) incentivizes analysts to stick to well-tailored playbooks that prioritize remediation at the expense of proper incident scoping and root cause analysis. Though modern endpoint security products have significantly improved host visibility, most critical incidents will require the acquisition and analysis of additional endpoint data. This course focuses on four core investigative competencies: endpoint data collection, investigative triage, incident response pivots, and root cause analysis.
After learning about key endpoint artifact and memory analysis techniques for Windows and Linux, attendees will work through real-world scenarios in hands-on labs. We’ll pivot from initial detection into host triage analysis to discern attackers’ discovery, defense evasion and lateral movement techniques. Attendees will learn to identify key indicators for the generation of high-fidelity detections.
https://www.antisyphontraining.com/advanced-endpoint-investigations-w-alissa-torres/