INTRODUCTION TO DEFINING TTPS FROM INCIDENT DATA
About the workshop
This analytics workshop is for those who are curious about, or need a refresher on, how to derive the use of tactics, procedures and techniques from incident data. To get the most out of this workshop, you should feel comfortable with basic analysis and hunting methods. The workshop will provide a random assortment of information that represents data from an incident. You are then taken through a series of steps to analyze the information, looking for artifacts, patterns and hints that enable you to build and confidence-rate techniques, procedures and tactics to better understand the process flow of the adversary during the incident.
About CyberDefenses, Inc.
CyberDefenses, Inc.'s mission is to shield customers against cyber threats through comprehensive oversight, defense, and training services. Founded in 2001 by a team of returning military, cyber security veterans, CyberDefenses has a dual focus on government/public sector and private sector organizations. Through a comprehensive suite of managed services – including security oversight, identity management, security monitoring, managed detection, incident response and certification / skill training – battle-tested cyber security measures are affordably offered to buyers.
Class size: 20
When: 13:00-16:00
Where: Richter 106
You will learn to:
- Identify tactics employed from incident data using the artifacts & vectors model
- Define procedures employed from incident data using the hints & inference model
- Separate the presence of a technique from that of a procedure
You will need:
- A laptop
- Three free hours
- Experience with incident response, threat hunting and forensics.
- Familiarity with the various types of incident information and network data; familiarity with basic analysis and hunting methods.
- Software capable of opening spreadsheets, documents and CSV files. Command line capabilities here would be helpful.
- To sign up, see below
Sign up
Space is limited, so you'll need to sign up beforehand to participate in this workshop. Please click the button below in order to sign up.