TMCnet News

DFLabs to Reveal Best Practices for "Live Box" Forensics at SANS Threat Hunting and IR Summit
[September 07, 2018]



DFLabs, the pioneer in Security Orchestration, Automation and Response (SOAR), today announced that Senior Product Manager and security operations and incident response expert John Moran will present best practices for using "live box" forensics at the upcoming SANS Threat Hunting and Incident Response Summit in New Orleans.





 

WHO:

John Moran, Senior Product Manager at DFLabs, is an expert in security operations, incident response, digital forensics and investigations. He has served as a Senior Incident Response Analyst for NTT Security, Computer Forensic Analyst for the Maine State Police Computer Crimes Unit and Task Force Officer for the US Department of Homeland Security. John currently holds GCFA, CFCE, EnCE, CEH, and CHFI certifications as well as degrees in Digital Forensics and Information Security.
 

WHAT:

Organizations are experiencing an increase in complex cyber threats and advanced attack techniques such as the use of file-less malware. In response, security operations personnel are turning to the use of "live box" forensics in threat hunting, despite its perceived risks and pitfalls. In this session, John will detail the Dos and Don'ts when conducting "live box" forensics for threat hunting and provide a best practices framework for incident response teams. In addition, he will use a newly released, free Windows tool that automates data acquisition to demonstrate "live box" techniques.
 

WHEN:

Friday, September 7, 2018 at 10:45-11:20 am CDT
 

WHERE:

SANS Threat Hunting and Incident Response Summit, Astor Crowne Plaza, 739 Canal Street, New Orleans, Louisiana, USA
 

HOW:

To schedule an in-person meeting at the conference or a phone conversation with John Moran, contact Marc Gendron at [email protected] or +1 781.237.0341. For more information: https://www.sans.org/event/threat-hunting-and-incident-response-summit-2018/summit-agenda.

 

About DFLabs
DFLabs is an award-winning and recognized global leader in security orchestration, automation and response (SOAR) technology. The company's management team has helped shape the cyber security industry, which includes co-editing several industry standards such as ISO 27043 and ISO 30121. Its flagship product, IncMan SOAR, has been adopted by Fortune 500 and Global 2000 organizations worldwide. DFLabs has operations in Europe, North America, and EMEA. For more information, visit www.dflabs.com or connect with us on Twitter @DFLabs.

