DFIR & Crisis Management – Post-mortems & Lessons Learned in the Pain from the Field
Vincent Nguyen 🗣 | Jean Marsault 🗣 | Antoine Vallée 🗣
This presentation aims to summarize the best wins & fails of crisis management based on our field experience. We will cover different phases of a crisis with real life examples such as:
- A CISO and a CIO convinced that a member of their team is in collusion with the adversary.
- An “AD dump” found on a threat actor server mobilized more than 300 people… before becoming a false positive.
- A classic threat hunting that became an incident response following the discovery of Conficker… 9 years after its discovery.
- Etc.