When: December 10, 2013 @ 5:30 pm - 7:00 pm
Where: CyberCorps Security Seminar: Incident Response
7800 York Road #459
Towson, MD 21204
USA
Categories: Cybersecurity Seminar

CyberCorps Security Seminar: Incident Response

Speaker: Cameron Ero

Abstract

Join Cameron Ero as he demonstrates how to utilize the free tool Mandiant Redline™ as well as the Open Indicators of Compromise (IOC) framework. Redline is a popular utility for gathering and analyzing triage data from compromised computer systems. The OpenIOC framework allows responders to effectively share threat information in a machine-readable form, which allows them to rapidly identify evidence of compromise. The purpose of the demonstration is to showcase Redline's capabilities by example, as well as give an introduction to Incident Response. During the demonstration, the audience will learn how to: set up and configure Redline, collect triage data, analyze triage data, and then develop an IOC to aid in identifying additional compromised systems. Attendees will walk away with the ability to use the Redline utility to triage a potential compromise, as well as a better understanding of the challenges and responsibilities of an incident responder.