Martin Schmiedecker at HackPra, Bochum

January 18, 2017

Today, Martin Schmiedecker presents at the HackPra lecture at RUB, Bochum. He joins an impressive list of previous speakers, among others Mario Heiderich, Stefan Esser, Ange Albertini or Felix ‘FX’ Lindner.

Title: Turning Incident Response to Eleven
Abstract: We’ve all been there – this one course at university where they tell you to actually read the log files, do proper incident response, and document everything. And its all fun and games, until you get hit by reality and have to analyze a possible security incident with a laterally moving attacker, and possibly more than 100 affected systems. Or 1000. Or even more … Next thing you remember is waking up in a room without windows, packed with hard drives that are labeled obscurely, and a hardware write blocker that only does USB 2.0.

In this talk I’ll show which analysis techniques and tools that work at scale, namely for many systems in parallel. And central logging is just a tiny piece in the puzzle. In particular I will present the new open-source tools GRR, bulk_extractor/fiwalk and peekaTorrent.

You can find the video of the talk here.

Name	SBA Research Cookie
Provider	SBA Research
Purpose	Saves the settings of the visitors selected in the cookie box.
Cookie name	sba-research-cookie
Cookie runtime	1 year

Name	YouTube
Provider	YouTube
Purpose	Used to unblock YouTube content.
Privacy policy	https://policies.google.com/privacy
Host(s)	google.com
Cookie name	NID
Cookie runtime	6 months

Name	Vimeo
Provider	Vimeo
Purpose	Used to unblock Vimeo content.
Privacy policy	https://vimeo.com/privacy
Host(s)	player.vimeo.com
Cookie name	vuid
Cookie runtime	2 years

News