Written by Vitaly Kamluk

2 minute read

29-30 June! Threat reconnaissance using remote scoutware

Expert-led online bootcamp (only 10 places)

Trainers: Vitaly Kamluk, Nicolas Collery

Training overview

Incident response to live cyberattacks require silent navigation through compromised assets, sometimes in large distributed networks. The popular approach relies on EDR or other live agent-based solutions. However, the activation of security agents and obvious activities on live compromised systems may trigger alerts of advanced threat actors. Once alerted, a cleanup operation and destruction of evidence can happen. Moreover, offline system analysis may not be easy due to the physical distance to the compromised system or scale of the network. This is where remote stealthy threat discovery with “scoutware”, software for threat hunting and instant system analysis, becomes incredibly useful.

In our middle to advanced-level bootcamp you will be introduced to the free, open-source scoutware tool Bitscout developed by Vitaly Kamluk from Kaspersky GReAT in collaboration with INTERPOL, that has been successfully used by Kaspersky researchers for years. During the bootcamp you will create your own remote analysis tool and practice it right away in the provided virtual lab!

Timing

29th and 30th June, 2021
9.00am to 1.20pm UTC

Class plan

1. Introduction and theory
2. Crafting your own scoutware
3. Exercises:
-> Discovering malware remotely
-> Finding the origins of infection
-> Disk image acquisition and live disk data streaming
-> Safely starting the analysed OS for interactive and dynamic analysis
-> Using Bitscout to train your team
-> Converting compromised host into a honeypot
4. Q&A

Pre-requisites

• You should be comfortable working with Linux command line
• Understanding of Bash scripting
• Experience with virtualization and networking
• Understanding of Linux, Windows and basics of macOS
• Experience with infected or compromised systems
• You’ll be provided access to the virtual environment with everything set up for you

Price: $990 USD inc. tax per attendee (credit card payments only)

LEARN MORE AND REGISTER