homepage
Open menu
Contact Sales

Challenges Incident Response Teams Face and How to Solve Them

  • Tuesday, 25 Jan 2022 10:30AM EST (25 Jan 2022 15:30 UTC)
  • Speakers: Jake Williams, Ell Marquez, Linux and Security Advocate, Intezer, Nicole Fishbein, Security Researcher, Intezer

A suspicious activity occurs on an endpoint so the incident response team launches an investigation to find out what happened. Did a breach occur? Are there any other infected endpoints? What was the purpose of the attack? How was the endpoint compromised?

The challenge IR teams face is to classify the collected data and find the malicious files, in the shortest period of time. Time is a major factor to reduce the potential damage of the environment. To accomplish this task the IR team will collect forensic evidence from one or more of the following sources: HD forensics, memory forensics, and live forensics. At this point, they will have hundreds, if not thousands, of files and information that need to be analyzed and classified. This analysis is time-consuming and should be done carefully to not miss any artifacts crucial to the investigation. It can often be like looking for a needle in the haystack.

Fortunately, there are ways to accelerate the forensics methods mentioned above. Learn how you can quickly classify and analyze the mass of files and memory dumps collected using these forensics methods in less time than ever.

Plus, learn how to integrate with the handy Volatility plugin, to get the comprehensive and automatic analysis of the loaded process along with the powerful capabilities of the plugin.

Login to Register

Sponsor

Intezer.png

Related Content

Blog
N2C_blog_image.png
Security Awareness, Cybersecurity Leadership, Cloud Security, Open-Source Intelligence (OSINT), Industrial Control Systems Security, Digital Forensics, Incident Response & Threat Hunting, Cybersecurity and IT Essentials, Cyber Defense, Offensive Operations, Pen Testing, and Red Teaming, CyberLive, Workforce Development, Career Development, Why Certify, Imposter Syndrome, NetWars, Mentorship, Job Hunting, Operating System & Device In-Depth, Artificial Intelligence (AI)
A Visual Summary of SANS New2Cyber Summit 2024
Check out these graphic recordings created in real-time throughout the event for SANS New2Cyber Summit 2024
370x370-person-placeholder.png
Alison Kim
read more
Blog
Blog_-_SEC568_-_Approaching_the_Software_Supply_Chain_-_340x340.jpg
Cyber Defense
SEC568: Approaching the Software Supply Chain like Jack Byrnes
Keep your circle of trust secure with product security testing
370x370_douglas-mckee.jpg
Douglas McKee
read more
Blog
Small_Business_Blog_Image.png
Cyber Defense
A Visual Summary of SANS Small Business Cyber Summit 2023
Check out these graphic recordings created in real-time throughout the event for SANS Small Business Cyber Summit 2023
370x370-person-placeholder.png
Alison Kim
read more