Kyle Dempsey and I have been busy putting together content for the upcoming Fresh Prints webinar, "Choose Your Own Adventure," being held this Thursday, April 15th at 2PM EDT. If you thought of the Choose Your Own Adventure® book series when you saw the title, you understand where we're going with this.
This webinar's content was developed based on feedback we received from registrants, specifically:
- How does MANDIANT "Find Evil"
- Malware internals
After gathering responses, what we found was that people know the basics about the APT - and what they are most interested in knowing is how our consultants go out in the field and actually find the attackers.
I have seen some presentations pop-up that speak at a high level on this threat, but they always stop short of showing you how the attackers compromise an organization's network or how an investigation was conducted. Kyle and I wanted to create a webinar that showed how we actually conduct an investigation (tools used, screenshots of results...etc.) using real client data (used with their permission).
The webinar details what we would do with traditional drive based forensics to find malware and contrasts it with real examples of using an approach that scales to an enterprise environment with tens of thousands of hosts (without using an army of investigators and imaging every system under the sun).
I hope you can join us Thursday for the webinar. As always, there will be plenty of time at the end of the presentation for Q&A.