Presentations

Training Organizations to Prevent Cyber Attacks – FISSEA 28th Annual Conference –  2015

Hands-on practical application is the most effective way for an organization to train against cyber threats. Whether you are an information security officer, a seasoned system administrator, or a non-technical individual, seeing and experiencing a cyber attack drastically increases awareness and detection. This presentation demonstrates a few different attacks and how you can best “show” your organization how to prevent a serious intrusion.

The Technology of Training Tomorrow’s Cyber Forces – FISSEA 27th Annual Conference – 2014

This session will break down the necessary components of building a cyber-education training system and foster discussion on developing future cyber education training programs and the technologies they will require. From this session you will learn about technology infrastructure, authentication, learning management systems, content management systems, virtual machines, software development, open source applications, integration, and emerging technologies to address tomorrow’s cyber force’s needs.

Introduction to Malware Analysis – DoDCCC 2012

Malware is often found on computer systems during network intrusion investigations. The main goals of analysis are to assess an executable to discover its functionality, and to identify the artifacts of its presence and usage. This class is designed for investigators who need to perform basic malware analysis in order to aid in their forensic investigations. The purpose of this course is to introduce the principles of malware analysis, and to teach how to perform a basic assessment of unknown executables and malware. Investigators will learn how to use many free open source tools to perform analysis of executables at a basic level.

Network Intrusion and Malware Visualization – DoDCCC 2012

Learn how to effectively use visualization techniques to respond to network intrusions faster by visually modeling complex datasets. This topic will show you how to use visualization tools to effectively monitor, analyze, and respond to exploits and malware.

Splunk as an Enterprise Incident Response and Forensic Tool – DoDCCC 2012 / DoDCCC 2011

Splunk is a monitoring and reporting tool for enterprise IT systems that deeply emphasizes search capability by consolidating logs, metrics, and other data from applications, services, and network devices. Therefore, in this breakout session the investigator will learn how to index, search, and analyze all enterprise threat data from a single location in real time, drastically cutting response times, and limiting exposure to the threat by reacting quicker.

Malicious Code Analysis in Windows – DoDCCC 2010

Subject Identification / General Searches and Public Records – 2010 ICAC Task Force Nat. Conf.

This lab will address how to use information available on the internet to search for subjects to establish leads and gather information on a target.

Basic Networking and Incident Response – 2010 ICAC Task Force Nat. Conf.

This lecture will address how to respond to networked computers and how to perform an incident response in order to collect sufficient evidence for an investigation.

It’s 4 o’clock and… Your Linux Server was Hacked… – Techno Forensics & Digital Investigations 2010

Track 4 – Lecture Room B – Sponsored by ISFCE – An intrusion on a Linux box occurred, now what? Learn how to respond to a Linux machine and learn about all the evidence you will lose if you pull the plug. Linux incident responders must gather volatile data! This includes how to build their trusted tools, determine what information is collected during the volatile data gathering process, and how to use kernel and third-party tools for volatile evidence gathering. This gives investigators evidence and analysis to supplement the dead-box exams.

Linux Incident Response Volatile Data Gathering 101! – Techno Forensics & Digital Investigations 2009

An intrusion on a Linux box occurred, now what? Learn how to respond to a Linux machine and learn about all the evidence you will lose if you pull the plug. Linux incident responders must gather volatile data! This includes how to build their trusted tools, determine what information is collected during the volatile data gathering process, and how to use kernel and third-party tools for volatile evidence gathering. This gives investigators evidence and analysis to supplement the dead-box exams. Objective: to teach volatile data gathering techniques for intrusion and forensic investigations during incident response.

Wireshark as a Forensic Tool – 2009 DoDCCC

Firefox Forensics – 2009 DoDCCC

Browser Forensics – Techno Forensics & Digital Investigations 2008

This presentation will include an overview of how and where records are stored in various browsers. We will then explore the steps that may be taken in order to configure the IE7 or Firefox browsers to hide user tracks. And lastly, we will show information that may only be recoverable in RAM.

Books

Defense Against the Black Arts: How Hackers Do What They Do and How to … by Jesse Varsalone, Matthew McFadden

As technology has developed, computer hackers have become increasingly sophisticated, mastering the ability to hack into even the most impenetrable systems. The best way to secure a system is to understand the tools hackers use and know how to circumvent them. Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It provides hands-on instruction to a host of techniques used to hack into a variety of systems. Exposing hacker methodology with concrete examples, Defense against the Black Arts shows you how to outwit computer predators at their own game.

Links: Google Books, Amazon, Slashdot Review, Hak9

Not to be confused with: http://harrypotter.wikia.com/wiki/Defence_Against_the_Dark_Arts

Events

Other
