|
Who Should Attend
Due to the sensitive and technical nature of this class, it is only recommended for professional, full-time, cyber crime investigators and enterprise network defense professionals responsible for network defense, threat mitigation, incident response and evidence gathering. Corporate and government employees are welcome (1).
Attendees should possess a sound understanding of TCP/IP and enterprise authentication, and at least two years of experience with network perimeter defense systems.
What You Will Learn
Enterprise Intrusion Investigations
Investigators will gain big picture perspective on the complexities of enterprise class network defense strategy and learn how experienced hackers can successfully circumvent those measures. The class will demonstrate through lectures and real world case studies how improperly implemented authentication across a large organization or a broadly staged infrastructure may lead to an undetectable, catastrophic security breach. These sessions reveal the techniques and thought processes employed in effectively investigating some of the most sophisticated and well-engineered attacks.
Pitfalls of Standard Defenses
Some investigators skirt the technical details of the most complex cases in favor of a high level approach that relies upon widely accepted investigation tools and techniques. The most experienced attackers, however, apply custom tools and tactics, unconventional thinking, and superb mastery of technical detail to achieve their objectives.
The best attackers use a company’s own defenses, even its own protective encryption systems, to foster attacks and to prevent discovery. Using real-world case histories, this portion of the course will stimulate the thinking of the most experienced cyber crimes investigators, while guiding less experienced investigators through the use of customized and unconventional investigation techniques and tools to solve these complex cases.
Threat Profiling and Identification
These sessions introduce attendees to a sophisticated new methodology that allows investigators to detect and to solve complex cases rapidly, even when the evidence appears to be missing, destroyed, or overwritten. These sessions focus on developing the mentality and skill set that leads to the use of these effective investigative techniques. The goal is to teach the attendee to understand and out-think the adversary, not attempt to match technical prowess with elusive foes that are almost always one step ahead.
Attendees will learn that insider threats can be largely eliminated through implementation of covert psychological profiling in the pre-employment review process, combined with periodic follow up assessments of active duty personnel.
Disclaimers and Conditions
1. Gray Hat Research will
carefully review the background and credentials of all non-law
enforcement applicants. Gray Hat Research reserves the right to
reject any and all non-law enforcement applicants for any reason
without explanation. Alternatively, Gray Hat Research may elect to modify the class content to reduce the
sensitivity sufficient to match certain groups of non-law
enforcement applicants. |
