Incident Analysis

From March 14, 2016 to March 15, 2016

This training is a practical incident analysis workshop, focusing on windows systems and a bit traffic analysis with lots of hands on exercises. It is designed for anybody with IT background, willing to learn some of the essential steps during an incident analysis. This is not an advanced class, but more of an incident analysis 101 with a steep learning curve. Topics like incident handling and incident response will not be part of this course.

During this course you will (hopefully ;-) ) learn a lot about windows/malware internals, and how to

The language of this course depends on the attendees: If only Germans attend the training will be done in Deutsch, otherwise the training will be done in English.

Requirements for this course:

Good to have, but not necessary:

Experience with at least one programming language. Basic knowledge about hacking techniques.

Frank Block

Frank Block is a security consultant working for ERNW GmbH with more than 7 years of experience. His main expertise lies with infrastructe/web application pentesting and the analysis of incidents. When not involved in customer projects, he researches in the memory forensics field.

Dominik Phillips

Dominik Phillips is a german pentester and security researcher with extensive experience in corporate environments. His daily work enfolds security evaluations and penetration testings of infrastructures. Besides of giving trainings in computer security, he is doing research and development in security areas.

Michael Thumann

Michael Thumann is Chief Security Officer and head of the ERNW application security team. He has published security advisories regarding topics like ‘Cracking IKE Preshared Keys’ and Buffer Overflows in Web Servers/VPN Software/VoIP Software. Michael enjoys sharing his self-written security tools (e.g. ‘tomas – a Cisco Password Cracker’, ‘ikeprobe – IKE PSK Vulnerability Scanner’ or ‘dnsdigger – a dns information gathering tool’) and his experience with the community. Besides numerous articles and papers he wrote the first (and only) German Pen-Test Book that has become a recommended reading at german universities.

In addition to his daily pentesting tasks he is a regular conference-speaker (e.g. Blackhat, HITB and RSA Conference) and has also contributed exploit code to the Metasploit Framework. With more than 10 years of experience in computer security Michaels’ main interest is to uncover vulnerabilities and security design flaws from the network to the application level and reverse almost everything to understand the inner working.