SANS@MIC - Remote Forensic Investigations in the Context of COVID-19
Many of us are confined at home due to the COVID-19 pandemic. But, business as usual, many organizations are still facing security incidents (related to the virus or not). Let's imagine the following scenario: Your phone rings because a customer detected some suspicious activity on a server or a workstation. Of course, it must be investigated "as soon as possible". The server is physically located 500km away and you're stuck at home... How to handle this situation?
During this SANS@MIC webcast, I'll present and demonstrate a customizable live CD based on free tools to perform remote forensic investigations: check filesystems for indicators of compromise, take memory image, extract logs, and much more...
Speaker and Presenter Information
Xavier Mertens
Xavier Mertens is a freelance cybersecurity consultant based in Belgium. His daily job focuses on protecting his customer's assets and data. Oriented mainly to defensive security, he offers services like incident handling, forensic investigations, log management, OSINT and hunting for bad guys in general. Besides his daily job, Xavier is also a security blogger (https://blog.rootshell.be), a SANS Internet Storm Center handler (https://isc.sans.org), and co-organizer of the BruCON (http://www.brucon.org) security conference. He’s in the process of becoming a SANS instructor for the malware reverse engineering training (FOR610).
Relevant Government Agencies
DOD & Military, Federal Government, State & Local Government
Event Type
Webcast
This event has no exhibitor/sponsor opportunities
When
Mon, Aug 10, 2020, 3:30pm - 4:30pm
ET
Cost
Complimentary: $ 0.00
Website
Click here to visit event website
Organizer
SANS