Sign up to save your podcasts
Or
Share DFSP # 284 - Fast Triage case study: non-Windows core processes
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
DFSP # 284 - Fast Triage case study: non-Windows core processes
This week we’re going to take a look at how standard triage methodology can detect advanced attack techniques. Even as a newer examiners, if you learn the standard triage methods that I have covered in the fast triage series, you will find the skills provide ample opportunity to detect all sorts attack activity-even very advanced attack activity. This is because there are natural chokepoints in the attack chain that can be used to your advantage. This week we are going to see the non-Windows core process triage in action through the lens of a very advanced attack dubbed “operation ghost.”
View all episodes
By Digital Forensic Survival Podcast
4.8
6060 ratings
This week we’re going to take a look at how standard triage methodology can detect advanced attack techniques. Even as a newer examiners, if you learn the standard triage methods that I have covered in the fast triage series, you will find the skills provide ample opportunity to detect all sorts attack activity-even very advanced attack activity. This is because there are natural chokepoints in the attack chain that can be used to your advantage. This week we are going to see the non-Windows core process triage in action through the lens of a very advanced attack dubbed “operation ghost.”
More shows like Digital Forensic Survival Podcast
View all
Adversary Universe Podcast
78 Listeners