Advanced Endpoint Investigations w/ Alissa Torres
October 11 @ 11:00 am - 7:00 pm
An event every day that begins at 11:00 am, repeating until October 11, 2022
For most security teams, high operational tempo (measured in dumpster fire lumens) incentivizes analysts to stick to well-tailored playbooks that prioritize remediation at the expense of proper incident scoping and root cause analysis. Though modern endpoint security products have significantly improved host visibility, most critical incidents will require the acquisition and analysis of additional endpoint data. This course focuses on four core investigative competencies: endpoint data collection, investigative triage, incident response pivots, and root cause analysis.
After learning about key endpoint artifact and memory analysis techniques for Windows and Linux, attendees will work through real-world scenarios in hands-on labs. We’ll pivot from initial detection into host triage analysis to discern attackers’ discovery, defense evasion and lateral movement techniques. Attendees will learn to identify key indicators for the generation of high-fidelity detections.