Masterclass: System Forensics and Incident Handling
The secure infrastructure configuration should be the most important line of defense in every organization. Unfortunately, people, the most valuable resource, are not always aware of the level of security in their companies, possible points of entry, how operating systems are attacked, and how to protect the infrastructure from successful attacks which are sometimes caused by configuration mistakes. Understanding internal OS protection mechanisms and services/roles completely provides a huge impact on the whole infrastructure security level. Unfortunately, the problem is… rarely anyone has this impact!
This is a deep dive course on security operations: vulnerability management, anomalies detection, discovery of industry attacks and threats, understanding how compromised system or solution looks like, defining the indicators of the attack, incident handling also daily servicing on SIEM platform. We will also walk through the advanced access rights, password mechanisms, windows internals, PowerShell usage for security purposes, gaining unauthorized access, advanced DNS configuration and common configuration mistakes, forensics techniques, Active Directory security, IIS Security, debugging, advanced monitoring and troubleshooting and much more! Topics covered during this training will help you to walk in hackers’ shoes and evaluate your infrastructure from their point of view.
The training focuses on detecting, responding, and resolving computer security incidents and covers the following security techniques:
- The steps of the incident handling process
- Detecting malicious applications and network activity
- Common attack techniques that compromise hosts
- Detecting and analyzing system and network vulnerabilities
- Continuous process improvement by discovering the root causes of incidents
About Paula Januszkiewicz
Paula has 15 years consulting experience based mainly within cybersecurity, holding contracts with large companies such as Microsoft, Orange and Hewlett Packard as well as with government departments. What is more, Paula holds numerous titles such as Microsoft Regional Director, Enterprise Security Microsoft Valuable Professional, Microsoft Certified Trainer, and Microsoft Security Trusted Advisor.
She is also an in-demand speaker on cybersecurity, speaking at global events such as RSA, Black Hat, TechEd North America, TechEd Europe, TechEd Middle East, and CyberCrime. Paula is No 1 speaker at Microsoft Ignite and she was granted an access to the Windows source code.
Security officers, systems administrators, infrastructure architects, security professionals, systems engineers, network administrators, IT professionals, security consultants and other people responsible for implementing network and perimeter security.
Author’s unique tools, over 300 pages of exercises, presentations slides with notes.
Recommended books: Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software & Malware Analyst’s Cookbook: Tools and Techniques for Fighting Malicious Code
08:00 – 08:30 Coffee & Croissant
08:30 – 10:00 Session 1
10:00 – 10:15 Coffee break
10:15 – 12:00 Session 2
12:00 – 12:45 Lunch
12:45 – 14:15 Session 3
14:15 – 14:30 Coffee break
14:30 – 15:45 Session 4
15:45 – 16:00 Wrap Up & Closing