Steve Armstrong: Advanced Incident Remediation Techniques

Over the next few weeks we’re going to announce the 44CON talks and workshops. Don’t forget to get your tickets!

Our fifth announcement is Steve Armstrong – Advanced Incident Remediation Techniques

When working in large network breaches, the technique of removing the infected hosts immediately and one-by-one is not the best or only option. In this presentation we will look at the other methods used: “mass remediation” and “out running the attacker”. We will look at the conditions necessary to make them work (team, profile, target, network and attacker), how they scale, the sort of resources you need to make this effective and how the attacker may respond if you don’t maintain control.

This is a ‘from the trenches’ session and not an academic thesis, the presenter has implemented various techniques and faced different results, both good and bad. This session is your opportunity to learn from their experience.

Steve began working in the security arena in 1994 whilst serving in the UK Royal Air Force. He specialised in the technical aspects of IT security from 1997 onward, and before retiring from active duty, he lead the RAF’s penetration and TEMPEST testing teams. He founded Logically Secure in 2006 to provide specialist security advice to government departments, defence contractors, the online video gaming industry, and both music and film labels worldwide.

When not teaching for SANS, Steve provides penetration testing and incident response services for some of the biggest household names in the high street, online gaming and music media. To relax, Steve enjoys playing Battlefield and FPS games to loud music.

You can follow Steve on Twitter @Nebulator

Details of all of our talks, workshops and speakers are being announced daily. Don’t forget to book your tickets before they’re sold out!