Advanced incident remediation techniques

Presented at 44CON 2016, Unknown date/time (Unknown duration).

When working in large network breaches, the technique of removing the infected hosts immediately and one-by-one is not the best or only option.  In this presentation we will look at the other methods of used; "mass remediation" and "outrunning the attacker".  We will look at the conditions necessary to make them work (team, profile, target, network and attacker), how they scale, the sort of resources you need to make the effective and how the attacker may respond if you don't maintain control. This is a ‘from the trenches' session and not an academic theses, the presenter has implemented various techniques and faced different results, both good and bad.  This session is your opportunity to learn from their experience.

Presenters:

Similar Presentations: