You need a PROcess to check your running processes and modules. The bad guys, and red teams, are coming after them!
If there is a file on disk, you can easily SEE the bad fu, but what if the malware is nowhere to be found on the disk? Malware can be broken up into several types; some call it "fileless malware" (a poor, non-descriptive term). The malware really isn't fileless: the file or code lives somewhere, in the registry, the WMI database, or, the focus of this talk, in memory. This talk will focus on Memware that has been injected into memory, most likely injected into a process or loaded as a DLL, and that may not reside on disk while the system is running.
Do you have a PROcess to detect, investigate, respond, and/or hunt for Memware?
This talk will walk through some commodity and Red Team examples of how this works and what you can do to address this newly expanding threat, which is becoming more and more common in commodity malware, Red Team engagements, and of course APT attacks, because it can evade so many security tools. Attendees will leave with some ideas and tools that can help them detect, investigate, and hunt for Memware.
Michael Gough, @MichaelGoughTX, Principal Incident Response, NCC Group
The annual SANS Digital Forensics & Incident Response (DFIR) Summit is the most comprehensive DFIR event of the year, bringing together a passionate and influential group of experts, cutting edge research and tools, immersive training, and industry networking opportunities. Learn more about this event at https://www.sans.org/event/digital-fo...
DFIRCON 2020 - Live Online
sans.org/event/dfircon-2020-live-online
Virtual, US Eastern | Mon, Nov 2 - Sat, Nov 7, 2020
Courses Available:
FOR308: Digital Forensics Essentials - NEW
FOR498: Battlefield Forensics & Data Acquisition
FOR500: Windows Forensic Analysis
FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics
FOR518: Mac and iOS Forensic Analysis and Incident Response
FOR572: Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response
FOR578: Cyber Threat Intelligence
FOR585: Smartphone Forensic Analysis In-Depth
FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques