Training Details

Training Duration: 2 Days

Enemy at the gates! An attacker has walked into our system using a file-less
threat that leaves minimal traces on the hard disk. A proactive hunt is crucial to
minimize the dwell time of these types of attacks. This hands-on workshop will
cover comprehensive, technical and proactive cyber threat hunting via
system live analysis, Windows event log investigation, memory forensics, and
network traffic analysis. All case studies are practical and mapped to the
MITRE ATT&CK and D3FEND knowledge bases.

Agenda:

Day 1 – session 1:

Reactive vs Proactive Cybersecurity

  • Threat hunting
  • Threat hunt success factors
  • The hunt loop and hypothesis
  • Lab setup and real-life attack

Day 1 – session 2:

  • Hunt 1: Windows live analysis
  • Hunt 2: Windows event log investigation

Day 2 – session 1:

  • Hunt 3: Memory forensics

Day 2 – session 2:

  • Hunt 4: Network packet analysis