Bitscout Training at SAS 2020 (canceled)

Training at SAS 2020 in Barcelona

...

Written by Vitaly Kamluk

2 minute read


29-30 June! Threat reconnaissance using remote scoutware

After high interest and great success at SAS2019 in Singapore where we had full class of students, we are going to host another Bitscout training at SAS2020 with updated training materials.After high interest and great success at SAS2019 in Singapore where we had full class of students, we are going to host another Bitscout training at SAS2020 with updated training materials.

Location: Virtual training venue
Dates: April 5-6, 2020   Nov 18-21, 2020

ABOUT THE TRAINING

The increased frequency and complexity of advanced cyberattacks require swift response and silent navigation through compromised assets of sometimes large distributed networks. One of most popular approaches today relies on EDR or other live agent-based solutions. This is useful when responding to attacks by low skilled or below-average adversaries. However, the activation of security agents and activities on live compromised systems may trigger the attacker’s alerts, which may lead to a massive cleanup operation and destruction of evidence. Offline system analysis, on the other hand, may not be easy due to physical distance to the compromised system or scale of the network. This is where remote offline digital forensics becomes an incredible useful approach.

Attendees will learn how to build their own remote analysis tool, package with their own arsenal and how to handle customizations.

PREREQUISITES

  • Familiarity with digital forensics principles
  • Malware analysis and basic reversing skills
  • Understanding of virtualization, networking, OS architecture, coding and scripting

Class plan:

1. Introduction and theory
2. Building your own remote ninja tool
3. Exercises:
-> Discovering malware remotely
-> Finding attack infection vectors
-> Remote disk image acquisition methods
-> Virtualization-based wizardry
-> Breaking through proprietary disk encryption
-> Analyzing non-Windows platforms
-> Converting compromised host into safe honeypot

Class: limited to max 15 participants
Hardware & Software requirements: Laptop or VM with Debian-based Linux, i.e. Ubuntu
Duration: 2 days

*price includes hotel accommodation April 5-6, breakfast, lunch and coffee breaks, and does not include SAS 2020 pass

JOIN THE TRAINING

Still Need Help?

Bitscout Bugs

If you find any bugs or problems with the project, please open an issue over on Github.

Github
Twitter

Feel free to tweet at me if you have suggestions for Bitscout. Or if you just want to say hi.

Twitter