FIRST TC Amsterdam - Day 1
FIRST TC Amsterdam - Day 2
08:30 – 15:00
Olaf Hartong, Henri Hambartsumyan (FalconForce, NL)
Building good analytics and automated detection capabilities requires a detailed understanding of attackers and their known or expected behaviour. By understanding the different tools and techniques attackers use and which indicators can be extracted from them, better detection capabilities can be developed. This process is called Detection Engineering, and it is crucial to being truly effective at discovering attackers in your network.
This workshop has a hands-on focus and will challenge participants to build detections that are resilient against evasion, based on technique research and investigation of the available logging. To do so, the training consists of a short introduction followed by guided hands-on exercises that can be performed in our lab environment to provide an active learning experience.
Requirements: participants only need to connect to our lab environment via Microsoft RDP (Remote Desktop Protocol).
April 12, 2022 08:30-15:00