$1,500 – $1,860

WorkshopCon InfoSec training event: Incident Response by TrustedSec

Event Information

Date and Time

Location

Forefront Center for Meetings & Conferences

404 Wyman Street

Waltham, MA 02451

Refund Policy

Refunds up to 30 days before event

Eventbrite's fee is nonrefundable.

Event description
Join us for a 2-day Introduction to Incident Response with one of the best in InfoSec - TrustedSec!

About this Event

Class Description: Join TrustedSec for an overview of the Incident Response process and common investigation techniques often performed during an incident.

TrustedSec will use labs and examples drawn from real-world incidents that TrustedSec has investigated. At the end of the course, participants will understand the basics of network and host-based investigation and know how to recognize common tactics, techniques, and procedures (TTPs) of attackers.

Click here for a PDF of the full class description.

Click here to see our other training class Professionally Evil Application Security: Developer edition by Secure Ideas.

Audience: Beginner to intermediate-level incident responders, Information Technology first responders.

Requirements: Students will be required to provide their own laptop that can run a virtual machine. VMware or VirtualBox may be used. Students should be familiar with how to use a virtual machine and how to copy files in and out of VMs.

Trainer Info: TrustedSec is an information security consulting team at the forefront of attack simulations with a focus on strategic risk-management. TrustedSec’s goal is to help organizations defend against threats of all kinds and change the security industry for the better.

Justin Vaicaro, Sr Incident Response Consultant (CISSP, GCFA, CISM, CREA, OWSP)

LinkedIn: https://www.linkedin.com/in/justin-vaicaro-8385b014/

Twitter: https://twitter.com/H3dTr1p

Justin has 12 years combined military experience serving in both the Marine Corps and Air Force. He has 20 years of experience within the Information Technology industry, with the last 10+ years solely focused on security engineering. Justin has worked in various industries, including Internet Service Provider, eCommerce, Pharmaceutical, Automotive, and Aviation. He has held various roles throughout his career, but his technical strength is derived from his vast network engineering experience. His security knowledge is diverse, but his current focus is on Security Architecture and Design, Incident Response, Malware Reversing, Threat Hunting, Threat Intelligence, and Security Operations. He also does a significant amount of research around trending offensive techniques, tactics, and procedures in order to strengthen his defensive mindset.

Demos and labs: will be performed throughout the course. Any topic not specified below can be covered during class by request.

  • What is Incident Response (IR)?
  • Why is IR needed?
  • Threat Landscape - Data Breaches
      • Threat Actor Types (Examples): Organized Crime, Cyber Terrorists, Hacktivists, Nation State
  • Incident Response Planning
  • IR Policy
  • Run books and use cases
  • IR Standards
  • Types of Incidents: Proactive vs. Reactive
      • Incident Response (Reactive)
      • Threat Hunting (Proactive)
  • Attack Vector Methods (Examples)
      • Phishing
      • Web-based attacks
      • Social Engineering
      • Malicious Documents
      • Supply Chain
  • Incident Response Lifecycle
      • Preparation
      • Identification
      • Containment
      • Eradication
      • Remediation
      • Lessons Learned
  • IR and Forensic Best Practices
  • Incident Detection - Network visibility vs host visibility
  • Forensic Investigation - Order of volatility
  • Live Response / Triage
  • Host Analysis
      • Persistence
      • Event Logs
      • Timelines
      • Browser Forensics
      • Evidence of Execution
  • Network Forensics
  • Packet analysis
  • Flow Analysis
  • Command and Control Identification
  • Open Source Intelligence (OSINT)
  • IOC (Indicators of Compromise)
      • IP Address
      • Domain
      • Malware Hash
      • Threat Actor Handle
      • Threat Actor Email Address
      • Threat Actor Attack Tool(s) Used

  • Available Open Source Tools
  • Available Clearnet Reputation and Threat Intelligence Resources
