Security and IR Labs at CEIC Focus on Advanced Malware and Attack Analysis
Security | Apr 22, 2015
Incident response as a discipline is still largely misunderstood and under-implemented, mainly because enterprises struggle to understand the changing security landscape and the need to be prepared for the inevitable cyber attack. To help you better understand these changes, we've developed new sessions and labs for CEIC 2015 to help you take incident response to the next level.
More Advanced, Technical Labs Will Help You Understand the Root Cause of a Cyber Attack
In addition to offering topics for newcomers to incident response, CEIC will dig deep this year into advanced technical analysis of malware and attacks so you can be more confident before, during or after a cyber attack. The decision to develop more analytical and leading-edge topics began with two critical questions we hear incident responders ask:
- What really happened? Incident response teams are often too focused on remediation, without a deep understanding of how the cyber attack was orchestrated, what tools were used, and so on.
- Are we still exposed? When that deep understanding is lacking, incident response teams can miss vital information when cleaning up after an attack, leaving your company vulnerable and/or compromised.
- Jamie Levy from The Volatility Foundation will lead you through a fascinating hands-on technical lab on memory forensics, which is the analysis of memory images from endpoints to identify potential malware.
- Jessica Bair from Cisco Security will teach you to leverage Cisco AMP Threat Grid’s threat intelligence service during a security investigation through a technical integration between EnCase and Threat Grid.
- A veteran of 30+ years, Attorney Gordon Calhoun will help you to evaluate a disk for insider threats.
- Security/Defense Research Analyst Nik Roby from KEYW Corporation will put you in the attacker’s seat as you learn to use an attack framework representative of the exploitation kits available for sale on the black market.
This is just a small sampling of the 11 sessions in the Cybersecurity and Incident Response track that will bring you closer to the most advanced incident response techniques—including analyzing disk-based and memory-based artifacts—so you can better understand the root cause of a cybersecurity attack.
Visit our CEIC event website to see the agenda in detail, register, and more.