In today's world, almost all activities take place over the internet, such as banking, homework assignments, television programs, phone conversations, and more. While the internet has positively impacted the way we work, learn, and communicate, it is also used by those with malicious intentions.
During this hands-on webinar, experts from Stamus Networks will demonstrate what bad actors do, how malware operates, and how to detect and catch these intrusions. We will also walk through the basic principles of network threat hunting and will demonstrate how to uncover ransomware and Advanced Persistent Threats.
Attendees will learn how to:
- Use Suricata as a monitoring tool
- Chase APTs and malware actors, known and unknown
- Hunt and investigate using open-source tools
- Recognize types of malware, behaviors, and current trends
Agenda:
- Introduction
- Speaker introduction
- Experience/feedback in malware IR/hunting/investigations
- Goal of Network Forensics – purpose and how it’s collected & analyzed
- Overview of Suricata as a monitoring tool
- Pyramid of pain (chasing APTs and malware actors, knowns and unknowns)
- Overview of Ransomware (types of malware, behaviors, current trends)
- Case study: walk through an example APT case
- Hunting and investigation: the easiest way to spin up a complete network monitoring distro with Suricata for hunting, teaching and investigations, composed of only open-source tools (Docker-based, runs on Linux: Ubuntu/Debian, etc.)
- Case study (hands-on): live example of ransomware network traffic
- Free and OSS resources for malware training, data and investigations
- Q/A