SANS Community Nights are a great way to stay in touch with your local InfoSec community and to hear the latest in technical wizardry, industry intelligence, and thought leadership from our amazing instructors.
Join us at:
Vienna House, Andel's Prague
Stroupežnického 3181/21
150 00 Praha 5-Smíchov, Czechia
View the agenda below:
Tuesday 1st October 2024
17:30 – 18:00
Registration and Drinks
18:00 – 19:00
AI Enhanced Incident Response with Taz Wake
19:00 – 20:00
HA - Not "High Availability" But "Hunting Automation" with Xavier Mertens
Abstract(s):
AI Enhanced Incident Response
Time is critical during incident response. One way we can speed up is by becoming more efficient; this is definitely an area where AI (or really "LLM") technology can help. In this session, we will look at some of the areas where our DFIR teams can quickly use AI assistance to speed up their incident scoping and threat-hunting activities.
HA - Not "High Availability" But "Hunting Automation"
When I'm teaching FOR610, we cover different malware analysis approaches from static analysis up to code analysis. We don't cover the “automated” analysis part. Why? Because the training goal is to help you to address malware that failed (or evaded) sandboxes. But it does not mean that automation is not interesting, it is… definitely! It's a great way to process a huge amount of malware samples and focus only on the “interesting” ones. In this talk, I'll show you how I'm doing my hunting activities, how I collect interesting samples from mail feeds, online resources and how files are processed/stored.