When: December 10, 2013 @ 5:30 pm - 7:00 pm
Where: CyberCorps Security Seminar: Incident Response
7800 York Road #459
CyberCorps Security Seminar: Incident Response
Speaker: Cameron Ero
Join Cameron Ero as he demonstrates how to use the free tool Mandiant Redline™ as well as the Open Indicators of Compromise (IOC) framework. Redline is a popular utility for gathering and analyzing triage data from compromised computer systems. The OpenIOC framework allows responders to share threat information in a machine-readable form, so that they can rapidly identify evidence of compromise. The purpose of the demonstration is to showcase Redline's capabilities by example, as well as to give an introduction to Incident Response. During the demonstration, the audience will learn how to set up and configure Redline, collect triage data, analyze triage data, and then develop an IOC to aid in identifying additional compromised systems. Attendees will walk away with the ability to use the Redline utility to triage a potential compromise, as well as a better understanding of the challenges and responsibilities of an incident responder.