<s>Bitscout Training at SAS 2020</s> (canceled) | Bitscout

Bitscout Training at SAS 2020 (canceled)

Training at SAS 2020 in Barcelona

Written by Vitaly Kamluk

2 minute read

Note: Note: Due to COVID-19 pandemic, the SAS conference was postponed as well as Bitscout training. More information will be published later in an updated post. The SAS has been moved to November 18-21, 2020 according to this announcement. For more information please follow TheSAScon twitter feed. Below you may find the older training announcement.

29-30 June! Threat reconnaissance using remote scoutware

After high interest and great success at SAS2019 in Singapore where we had full class of students, we are going to host another Bitscout training at SAS2020 with updated training materials.After high interest and great success at SAS2019 in Singapore where we had full class of students, we are going to host another Bitscout training at SAS2020 with updated training materials.

Location: Virtual training venue
Dates: ~~April 5-6, 2020~~ Nov 18-21, 2020

ABOUT THE TRAINING

The increased frequency and complexity of advanced cyberattacks require swift response and silent navigation through compromised assets of sometimes large distributed networks. One of most popular approaches today relies on EDR or other live agent-based solutions. This is useful when responding to attacks by low skilled or below-average adversaries. However, the activation of security agents and activities on live compromised systems may trigger the attacker’s alerts, which may lead to a massive cleanup operation and destruction of evidence. Offline system analysis, on the other hand, may not be easy due to physical distance to the compromised system or scale of the network. This is where remote offline digital forensics becomes an incredible useful approach.

Attendees will learn how to build their own remote analysis tool, package with their own arsenal and how to handle customizations.

PREREQUISITES

Familiarity with digital forensics principles
Malware analysis and basic reversing skills
Understanding of virtualization, networking, OS architecture, coding and scripting

Class plan:

1. Introduction and theory
2. Building your own remote ninja tool
3. Exercises:
-> Discovering malware remotely
-> Finding attack infection vectors
-> Remote disk image acquisition methods
-> Virtualization-based wizardry
-> Breaking through proprietary disk encryption
-> Analyzing non-Windows platforms
-> Converting compromised host into safe honeypot

Class: limited to max 15 participants
Hardware & Software requirements: Laptop or VM with Debian-based Linux, i.e. Ubuntu
Duration: 2 days

*price includes hotel accommodation April 5-6, breakfast, lunch and coffee breaks, and does not include SAS 2020 pass

JOIN THE TRAINING

Still Need Help?

Bitscout Bugs

If you find any bugs or problems with the project, please open an issue over on Github.

Github

Twitter

Feel free to tweet at me if you have suggestions for Bitscout. Or if you just want to say hi.

Twitter