SEC504: Hacker Tools, Techniques, and Incident Handling

Used with increasing sophistication, zero-day (0day) attacks have been essential to the successful Advanced Persistent Threat (APT) style attacks making headlines recently. The problem is evident: incident handlers and response teams struggle to identify and respond to unknown threats. This issue plagues organizations of all sizes that rely on signature-based detection mechanisms, which by definition cannot match an exploit or malware sample that has never been seen before. Attempting to handle unknown threats without a systematic plan will fail. It is imperative that incident handlers and response teams have a methodology for responding to unknown or unidentified threats, so that the critical assets and data businesses rely on are protected. While some vendors claim their product is the solution for identifying unknown issues, relying on a single solution creates a single point of failure; with complex attacks and sensitive data at stake, that single point of failure could be detrimental. This paper discusses integrating specific techniques into the preparation, identification, and containment phases of incident response to address this problem.