No Easy Breach: Challenges and Lessons from an Epic Investigation - Matthew Dunwoody, Nick Carr Derbycon 2016 (Hacking Illustrated Series InfoSec Tutorial Videos)

No Easy Breach: Challenges and Lessons from an Epic Investigation
Matthew Dunwoody, Nick Carr
Derbycon 2016

Every IR presents unique challenges. But when an attacker uses PowerShell, WMI, Kerberos attacks, novel persistence mechanisms, seemingly unlimited C2 infrastructure and half-a-dozen rapidly-evolving malware families across a 100k node network to compromise the environment at a rate of 10 systems per day, the cumulative challenges can become overwhelming. This talk will showcase the obstacles overcome during one of the largest and most advanced breaches Mandiant has ever responded to, the novel investigative techniques employed, and the lessons learned that allowed us to help remediate it.

Matthew Dunwoody and Nick Carr are incident responders at Mandiant, specializing in digital forensics and network analysis. Matt has several years of experience as a technical lead for large-scale IR engagements and high-tech crime investigations. Nick has experience in computer security and intelligence roles and previously served as Chief Technical Analyst and incident response team lead for DHS ICS-CERT, focusing on SCADA systems and critical infrastructure cyber attack readiness and response.

@matthewdunwoody, @itsreallynick


Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast