Workshop: Windows Live Analysis: A hunt we can't refuse!

We may assume the operating systems are mature enough not to be targeted as much as humans. The recent security reports by Microsoft proves us wrong! 117 Vulnerabilities and nine zero-days only in July. There is a  chance that an attacker has walked into our system using any of those vulnerabilities. Shall we acquire forensics images to conduct a passive investigation? What if we deal with a massive volume of data storage in which making forensics images requires a long time and a few packs of popcorn! What about sophisticated attacks that may not leave any traces on the hard disk, such as file-less attacks. Plus, a proactive hunt is crucial to minizine the dwell time of cyberattacks.  This hands-on workshop will discuss a comprehensive technical checklist for system live analysis and proactive cyber threat hunting using manual observation, automation, visualisation, and advanced analytical techniques. All the case studies are practical and mapped with MITRE ATT&CK and D3FEND knowledge bases.

Agenda:

Requirements: Laptop with Windows operating system – It is highly recommended to use Windows 10 in a virtual environment with admin rights.