DFIR & Crisis Management – Post-mortems & Lessons Learned in the Pain from the Field

Botconf 2019
2023-04-24 | 16:55 – 17:45

Vincent Nguyen 🗣 | Jean Marsault 🗣 | Antoine Vallée 🗣

This presentation aims to summarize the best wins & fails of crisis management based on our field experience. We will cover the different phases of a crisis with real-life examples such as:

  • A CISO and a CIO convinced that a member of their team is in collusion with the adversary.
  • An “AD dump” found on a threat actor server mobilized more than 300 people… before turning out to be a false positive.
  • A classic threat hunt that became an incident response following the discovery of Conficker… 9 years after its discovery.
  • Etc.

