Getting started...help me help you

Presented at BSidesSF 2015, April 20, 2015, 5 p.m. (60 minutes).

You've been pwned. It's a Friday and you just got some sketchy email, some reporter just called you, or the Feds somehow sent you a fax and some dudes whose first names are Special Agent darken your door. They don't tell you much, so now you're wondering - WTF should I do. Before you call high-priced consultants - like me - help me help you. I'll be honest, if you screw things up right at the beginning, I'm going to be there a lot longer than you want me - I'll be unhappy and you'll be unhappy with the results. During this talk, I'll tell you what to do, and what not do; where to look, and where not to look; what to say, and what not to say when badness happens to you. Also, I'll walk through a quick scenario and together we'll cheat our way into a poor-mans batch script to help you collect and store the valuable, volatile data so you can safely shut down your system, unplug the interwebz, and go out for a drink.

Presenters:

• David Trollman

Links:

• https://bsidessf2015.sched.com/event/37H9/getting-startedhelp-me-help-you

Similar Presentations:

• DEF CON 24 (2016) / So You Think You Want To Be a Penetration Tester
• DEF CON 24 (2016) / Vulnerabilities 101: How to Launch or Improve Your Vulnerability Research Game
• ShmooCon 2023 / You and Me (But Mostly Me)