Abstract: Many enterprises spend millions of dollars on security and have SOCs, firewalls, IDFs and anti-virus systems, but still become compromised. Had they taken a more proactive approach, they might have been able to identify the "hackers" within their systems before data was exfiltrated or ransomware was installed. In this course we will discuss techniques used in threat hunting, identify products, both open source and commercial, that will assist the practitioner, and review the areas and artifacts left behind by hackers that can serve as potential indicators that a system may have been compromised.
Bio: Steve is a high-tech investigator and business consultant with over 25 years of experience, having worked within a big four accounting firm and a national accounting firm, as well as having started his own software and consulting company. He specializes in the utilization of information technology and information analysis within complex corporate disputes, investigations, litigation and business turnarounds. His broad range of experience spans the disciplines of digital forensics, investigations, risk management, cyber security, IT management, data analytics and litigation support.
He has worked on hundreds of engagements, from investigating small IP theft and employee misconduct cases to large, complex international Ponzi and fraud schemes, where he managed cross-border teams that collected and analyzed information on matters that often took years to resolve. Steve also serves as a testifying expert on cases