Choose from Eight InfoSec Courses at SANS Las Vegas 2018. Save $200 thru 12/27.

Berlin 2017

Berlin, Germany | Mon, Oct 23 - Sat, Oct 28, 2017
This event is over,
but there are more training opportunities.

Refresher on YARA in Incident Response

  • Alissa Torres
  • Tuesday, October 24th, 6:00pm - 7:00pm

As maturing security teams take aim at growing their proactive detection and hunting resources, it is essential that they capture their institutional knowledge hard-earned from past mistakes and eventual wins from previous incidents. One endproduct of closing out an incident should be the creation of malware and behaviroal signatures that allow the security team and perimeter defenses, endpoint protection mechanisms to catch the attackers faster, earlier into their exploitation process. This presentation will discuss the easy methods available to craft a YARA rule and applications to incident response and memory forensics investigations.


Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
Tuesday, October 24
Session Speaker Time Type
Refresher on YARA in Incident Response Alissa Torres Tuesday, October 24th, 6:00pm - 7:00pm SANS@Night
Collecting and Exploiting Your 'Private' Internet Data using OSINT Micah Hoffman Tuesday, October 24th, 7:00pm - 8:00pm SANS@Night
Thursday, October 26
Session Speaker Time Type
Keeping Track of all the Things Johannes Ullrich Thursday, October 26th, 6:00pm - 7:00pm SANS@Night