CactusCon

CactusCon13
February 14-15, 2025
Mesa, AZ

Network Forensics Analysis

Track 3
5 Feb 2022 11:00 AM - 12:00 PM

Advanced Persistent Threat (APT) groups do not like to leave evidence of their crimes on their targets. They usually develop or use fileless malware so that they leave no fingerprints or traces as proof of their crime while they carry out their operations. Network forensics analysis has become an essential skill for uncovering APT operations and identifying what happened, using Wireshark and other open-source tools to analyze network packet captures (PCAP). In this lecture, we will introduce a couple of APT attack scenarios and walk through how to analyze them.

Rami AlTalhi
Incident Response Consultant @ Cisco Talos

Rami has over 13 years of experience across different information security and cybersecurity fields. In the past, he worked as an Incident Response Expert for four years, handling different cyber incidents and events. He has provided DFIR and Cyber Range training in different regions of the world (Europe, Asia, Middle East and US). He has dealt with different sophisticated APT cyber incident cases ranging from cyber espionage to data destruction.