You have already seen Bogdan in the “Attacks on Windows Infrastructure” announcement.
So let us introduce his teammate, Oleh Levytskyi.
Oleh has 4 years of experience as a full-time IT security analyst. He is currently responsible for malicious software analysis, forensics, incident response, and security product research and development.
During this workshop we will see that network logs are one of the most efficient sources for hunting adversaries, but that building good analytics capabilities requires a deep understanding of benign activity and attacker behavior. This training focuses on detecting real-case attacks, tools and scenarios from the past year.
The training is highly interactive and retains a good balance between theory and a lot of hands-on exercises for the students to get used to the detection engineering methodology and prepare them to start implementing this at their organizations.
Schedule link: https://cfp.nonamecon.org/nnc2021/talk/XQ9CKD/
Zoom link: https://zoom.us/j/9399893033
Discord channel (nnc-activities) for Q&A link: https://discord.gg/7Ts4CWzk
STUDENT REQUIREMENTS
Students should be familiar with Windows and have at least basic Splunk and Wireshark experience.
WHAT STUDENTS SHOULD BRING
A laptop with VMware installed, the training VM imported, and a minimum of 8 GB RAM and 100 GB of free SSD space.
Link to the VM: https://drive.google.com/file/d/1ckBTJZZmhKrqYM7gjpwUOOccvMm4Cy9D/view?usp=sharing
Alternative link: https://fex.net/s/bzmnt2s
WHAT STUDENTS WILL BE PROVIDED WITH
- Training slides
- Training VM
- All tools and scripts used in the training
TRAINING VM CREDENTIALS
Virtual Machine credentials:
- username: nncworkshop
- password: nncworkshop
Splunk credentials:
- username: admin
- password: nncworkshop