eSummit 3 Cyber-Forensics - an Overview of Intrusion Investigations

Dr Gareth Owenson is the course leader for the Forensic Computing programme at the University of Portsmouth. He teaches extensively in forensics, cryptography and malware analysis. His research expertise is in darknets, where he is presently working on alternative approaches that may lead to novel applications of the blockchain. Gareth also has a strong interest in Memory Forensics, and undertakes work into application-agnostic extraction of evidence by using program analysis.

Gareth has a PhD in Computer Science (2007) and has taught at several Universities throughout the UK.
Recorded Oct 26 2016 41 mins
Presented by
Dr. Gareth Owenson, Senior Lecturer, University of Portsmouth; Christopher Laing, (ISC)2 EMEA Advisory Board Member
  • CISO Says With Kevin Fielder, Chief Information Security Officer at Just Eat May 5 2020 12:00 pm UTC 60 mins
    Kevin Fielder, CISO, Just Eat, Brandon Dunlap, Moderator, (ISC)²
    In the CISO Says Series, information security leaders share their experiences of what it means to be responsible for establishing and maintaining an enterprise's security vision and strategy in an interview format.

    In this session Kevin Fielder, CISO at Just Eat, will provide insight into the path he took to become a Cybersecurity Leader and how he is reinventing the role in the face of accelerating change.
  • Minimizing Security Impacts of a Growing Remote Workforce Apr 28 2020 12:00 pm UTC 60 mins
    Karl Lankford, Director of Solutions Engineering, EMEIA, BeyondTrust; Brandon Dunlap, Moderator
    Many organisations are implementing remote working policies and need to quickly support an unprecedented increase in the number of remote employees. However, an expanding remote workforce can significantly increase the attack surface and has changed the threat model of organisations overnight. Many remote access options are quick to implement but are not secure and organisations are trying to navigate the challenges of quickly, but securely, operationalising their remote employees. On April 28, 2020 at 1:00PM BST, BeyondTrust and (ISC)2 will explore the risks unsecure remote access presents and discuss how the secure remote access and endpoint privilege management pillars of a PAM solution can securely and efficiently connect remote employees to corporate resources.
  • Using Discovery-in-Depth to Identify, Classify & Protect Corporate Crown Jewels Apr 21 2020 12:00 pm UTC 60 mins
    Roger Hale, CSO, Big ID; Brandon Dunlap, Moderator.
    With recent data protection regulations and an increase in breaches, companies need to be able to not only find the Crown Jewels in their data, but also secure it. Traditional data discovery tools, however, lack the data source coverage to give organizations a way to identify and contextualize the sensitive Crown Jewels across any data store, any pipeline – in a data center or in the cloud. Join BigID and (ISC)2 on April 21, 2020 at 1:00PM GMT as we discuss how deeper data intelligence can help identify Crown Jewels and reduce liability risk across data sources. We’ll look at how to leverage next-generation classification to better enforce policy, how to reduce risk on your most valuable data, and how to implement advanced ML techniques to get more insight into your data.
  • Guide to your (ISC)² Membership in EMEA: Benefits, Maintenance & Opportunities Apr 14 2020 12:00 pm UTC 60 mins
    Natasha Karelina, (ISC)² Customer Service Manager, EMEA, Katya Bullock, (ISC)² Customer Service Specialist, EMEA
    Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:
    - CPE opportunities, member benefits and getting involved
    - Updates on (ISC)² news, developments and changes in your region
    - Your membership requirements summarized
    - Who are the (ISC)² EMEA team and how we can help you
    - Focus discussions
    - Q&A session
  • Encrypted DNS: Friend or Frenemy? Recorded: Mar 24 2020 59 mins
    Michael Katz, Cyber Security Sales Specialist, Infoblox; Brandon Dunlap, Moderator
    DNS is the last critical service on the Internet and in your organization that runs unencrypted or 'in the clear'. Competing consortiums of standards bodies, IT security associations and internet behemoths are trying to close the DNS encryption gap with varied approaches. Some advocate browser-based extensions, others opt for infrastructure and OS upgrades and others propose measures to block encrypted DNS traffic.

    Even if a web session is encrypted, unencrypted DNS provides important behavioral metadata that can be used to track network activity. Used properly, encrypted DNS can close privacy and security gaps that leave DNS queries open to surveillance data miners like Internet behemoths, law enforcement, ISPs, business competitors and advertisers. However, with zero sophistication, any user in your organization can use encrypted DNS, which is now embedded in the world’s most popular web browsers, to completely bypass IT security policies, steal data and run unauthorized applications – all undetectable by most security tools. In many ways, encrypted DNS poses the same risks to information security as the TOR network. However, in areas where accessing the wrong web content can lead to severe consequences, encrypted DNS can literally save lives. Join Infoblox and (ISC)2 on Tuesday, March 24, 2020 at 1:00PM GMT for a discussion examining the rationale and tech behind encrypted DNS, the risks and benefits it can bring, and strategies information security teams can use to approach this rapidly emerging technology.
  • Security Secrets: Defining Success for Security Teams Recorded: Mar 17 2020 59 mins
    Matthias Maier, Product Marketing Director, Splunk; Brandon Dunlap, Moderator
    The security industry is constantly changing and there’s always a new technology to learn how to defend or a new threat to fight against. However, with a rapid and constantly changing landscape of technologies, threats, frameworks, techniques and legislations - it’s easy to get lost in the day-to-day of cyber security and neglect progression at a personal, team and organizational level. Working across the full spectrum of security teams, from newly formed to the well-established; both Splunk and (ISC)2 are constantly observing the patterns for success in cyber security at every level. Spoiler alert - those who get the promotions or pay rises don’t do so for successfully configuring a firewall or by being lucky enough that their company hasn’t been breached (yet). Join us on March 17, 2020 at 1:00PM (GMT) for a discussion on what success looks like in security, how success is defined by an organization and its board, what personal and team success looks like for individual contributors and the top six observations of what makes a security professional stand out.
  • Using MITRE ATT&CK In Cloud and Hybrid Environments Recorded: Mar 5 2020 59 mins
    Vince Stross, Princ. Security SE, ExtraHop; Blake Strom, ATT&CK Leader, MITRE; Chip Wagner, Cybersecurity Leader, IBM
    The MITRE ATT&CK Framework provides an excellent structure for security professionals to identify the strengths and gaps in their ability to detect attacker tactics, techniques, and procedures (TTPs) in the environment. The framework is applicable for cloud, on-premises, and hybrid environments. Join ExtraHop and (ISC)² on March 5, 2020 at 1:00PM Eastern for a discussion on the MITRE ATT&CK Framework as we look at:

    • How to get the most value from the MITRE ATT&CK Framework in a hybrid environment

    • How upcoming changes in MITRE ATT&CK may affect utilization of the framework by SecOps teams

    • How MITRE ATT&CK fits into an overall framework-driven strategy for improving detection coverage and security maturity in hybrid enterprises of all sizes.
  • Cyber Front Lines Report: Incident Response Insights That Matter for 2020 Recorded: Mar 3 2020 63 mins
    Stuart Davis, Director of Incident Response Services, CrowdStrike, Brandon Dunlap, Moderator, (ISC)²
    The year 2019 ushered in a host of new adversaries, new attack methods and new challenges for the cybersecurity industry. The CrowdStrike® Services team faced these trials head-on, across geographical regions and within public companies, private industries and governmental entities spanning a variety of digital mediums.

    This webcast, drawn from real-life engagements and presented by the experts who investigated them, focuses on the themes and trends observed in the global incidents the Services team responded to and remediated throughout 2019 and what they mean for 2020.

    Join this webcast to learn the following:
    • How business disruption emerged as a main attack objective
    • Why third-party compromises served as a force multiplier for attacks and attackers
    • Why macOS machines are now clearly in the cross-hairs of adversaries
    • Recommendations based on CrowdStrike Services investigations that can help you increase your organization’s cyber defences
  • What Zero Trust Networking means for Network Visibility Recorded: Feb 25 2020 60 mins
    Ollie Sheridan, Principal Engineer, EMEA, Gigamon, Brandon Dunlap, Moderator, (ISC)²
    There is much talk in the Industry with regards to Zero Trust Networking (ZTN) - but what does it involve and what does this mean for Network Visibility? In this Webinar we will explore the reason for ZTN, some of the current ideas surrounding the implementations of ZTN and where Network Visibility plays a key role in securing such environments. With one of the key concepts of ZTN being the encryption and authentication of data in motion, we will also discuss the need for Metadata and why this can be an advantage over traditional methods of monitoring.

    Join us for this webinar to learn more about how you can:

    - Understand the ZTN trust model at a high level

    - See which components are important within ZTN and why

    - Understand why the perimeter is changing and why the need for segmentation goes beyond physical devices

    - How Metadata can play a key role in understanding the activity of applications on your network
  • What Can Security Ratings Do For You? Recorded: Feb 18 2020 60 mins
    Chris Poulin, Principal Consulting Engineer, BitSight Technologies, Brandon Dunlap, Moderator, (ISC)²
    2019 was a watershed year in cybersecurity, with unprecedented growth in headline-grabbing breaches and revenue-impacting fines. As organisations struggle to deal with the ever-growing cyber threat, the need for an objective, easy way to quantify both security performance and the risk posed by vendor relationships has become apparent. Security Rating Services provide exactly the kind of insight security and management teams need to make data-driven, risk-based decisions that can enable a secure digital business transformation and improve security performance.

    However, plenty of misconceptions and misinformation still exists about what Security Ratings can do for an organisation.

    Join BitSight’s Chris Poulin for a look at how Security Ratings can transform your organisation’s security and risk management program.
  • When MFA Goes Wrong, and How To Set It Right Recorded: Feb 11 2020 59 mins
    Josh Green, Solutions Engineer, Duo Security, Brandon Dunlap, Moderator, (ISC)²
    With more than three decades of use, MFA is a proven method to reduce the risk of breaches due to stolen or weak credentials. While nearly any MFA method is an improvement over username and password alone, creative and resourceful attackers continue to expose weaknesses in legacy solutions such as token-based or telephony-based authentication. When considering or reviewing your secure access options, there are valuable lessons that can be learned from some of these real-world examples.

    Join Duo Security’s Josh Green on 11 February for a grounded discussion on how MFA methods have evolved, a dissection of several successful attacks, and how modern MFA solutions fare against the same threats.

    In this webinar, you will also learn:

    Why SIM-Swap attacks and insecure multi-factor authentication (MFA) methods can increase the risk of the credential theft
    How attackers leveraged these security gaps in the real-world breach examples
  • Threat Intelligence Strategies for DNS Recorded: Jan 30 2020 59 mins
    Michael Katz, Security Specialist, Infoblox, Brandon Dunlap, Moderator, (ISC)²
    DNS is one of the only business-critical services you rely on every day that has threat intelligence checks built into the standard. And yet, chances are you think of DNS mainly as an IT utility—and are overlooking its unique threat intelligence properties.

    Join us for this live webinar as we walk you through the characteristics of DNS that make it ideal as a threat intelligence resource and facilitator. During the live session, you’ll discover:

    - How DNS enhances Zero Trust architectures
    - Ways to integrate DNS in malware detection, mitigation and response solutions
    - The role of behavioral intelligence in DNS
    - Strategies for effectively handling encrypted DNS
  • Guide to your (ISC)² Membership in EMEA: Benefits, Maintenance & Opportunities Recorded: Jan 28 2020 55 mins
    Natasha Karelina, (ISC)² Customer Service Manager, EMEA, Katya Bullock, (ISC)² Customer Service Specialist, EMEA
    Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:
    - CPE opportunities, member benefits and getting involved
    - Updates on (ISC)² news, developments and changes in your region
    - Your membership requirements summarized
    - Who are the (ISC)² EMEA team and how we can help you
    - Focus discussions
    - Q&A session
  • Stories from the Front Line of Threat Hunting Recorded: Jan 21 2020 58 mins
    Zeki Turedi, Technology Strategist EMEA, CrowdStrike, Brandon Dunlap, Moderator, (ISC)²
    CrowdStrike’s 2019 Falcon OverWatch Mid-Year Report provides unique insights into the targeted, state-sponsored and criminal campaigns the CrowdStrike team has encountered in the first half of 2019.

    Join this webcast and hear CrowdStrike Technology Strategist, Zeki Turedi provide detailed accounts of real-world incidents the CrowdStrike team have observed, including the trends, adversaries and techniques that were most prominent in the last 12 months. You will also gain valuable information on the industries and regions most impacted by cyberattacks.

    Learning Outcomes:
    - Why “speed” is the new critical metric in cybersecurity.
    - How organisations are using the MITRE ATT&CK framework to shorten the time to investigate and understand threats.
    - Trends in adversary tradecraft, as seen across 1000s of real-world intrusion attempts.
    - Action plans that you can use to ensure your organisation is ready to anticipate and defend against the most dangerous threats of tomorrow.
  • Cofense's Security Predictions: 2020 and Beyond Recorded: Jan 7 2020 63 mins
    James Hickey, Sec. Engineer, Europe, David Mount, Sen. Dir., Solutions Marketing, Cofense, Brandon Dunlap, Moderator, (ISC)²
    The threat landscape continues to evolve at a rapid pace, with new threat vectors emerging and increasing in sophistication. With the new year on the horizon, how can organisations prepare to defend against new and emerging attacks? Join James Hickey and David Mount in our webinar as they share their thoughts on what we can expect in 2020 and beyond. Based on insights collected from our research teams, our speakers will touch on trends positioned to dominate the threat landscape next year so you can strengthen your organisational defence.

    Attend the webinar and learn:
    • How ransomware is evolving and becoming more targeted to reap more sizeable payouts
    • Why healthcare and genetic testing organisations will be a rich target for monetising data
    • Why cryptocurrency will find itself in the crosshairs
    • How human intuition, a powerful weapon against phishing, will also prove essential as information warfare heats up

    Don’t miss this timely event—register today!
  • Preview 2020: Get Your Sneak Peek Into The Mind of a Hacker Recorded: Dec 17 2019 60 mins
    Tom Kellermann, Head Security Strategist, Rick McElroy, Security Strategist, Carbon Black, Brandon Dunlap, Moderator, (ISC)²
    Get your sneak peek into the mind of a hacker!

    Every intelligence industry has a central goal and that is to predict the future. As security professionals, we collect and analyse, dissect and interpret, in order to find those essential nuggets that will give us the edge over our adversaries, enabling us to better understand what they’ll do next.

    Join VMware Carbon Black’s Chief Cybersecurity Officer, Tom Kellermann, and Head of Security Strategy, Rick McElroy, who will give their unique insights on the tactics and techniques topping the cyber attacker’s hit list for 2020 including how:

    • The act of cloud jacking and island hopping will become commonplace.
    • We'll see more mobile root kits allowing people to take full control over someone else’s device.
    • Access mining-as-a-service will grow as criminals see the utility in purchasing access to compromised environments.
    • Virtual home invasions of public figures (celebrities, CEOs, politicians) will occur.
  • 5 SOC Modernisation Stories: What Our Customers Taught Us In 2019 Recorded: Dec 10 2019 58 mins
    Matthias Maier, EMEA Director of Product Marketing, Splunk, Brandon Dunlap, Moderator, (ISC)²
    Should 2019 be dubbed the year of the SOC? Looking back at the last 365 days, Splunk experts certainly think so! Reminiscing on the stories of SOC modernisation, this webinar will share techniques and lessons learned from Splunk’s own customers throughout 2019, including:

    • How Fresenius made cybersecurity easy to understand for the C-Suite by building the “DAX” index for cybersecurity
    • Insights from 3 SOC automation playbooks created by Norlys
    • Methods used by Dutch Tax and Customs Administration to increase e-mail security, combining Sender Policy Framework (SPF), DNS logging and DMARC
    • How DATEV built and demonstrated SOC success, from detection to headcount planning, in just 6 months
    • Johnson Matthey’s advice on which people to involve and the roles needed to build and establish a modern SOC

    Join us on December 10th, 13:00 GMT as Matthias Maier goes through the top tales you need to hear to modernize your Security Operations Centre.
  • Password123456: How to Train Your Password Cracking Dragon Recorded: Dec 5 2019 59 mins
    Brian Johnson, Security Enthusiast / Podcaster, Dan Goater, Solutions Engineer, Netwrix, Brandon Dunlap, Moderator, (ISC)²
    Password cracking is no longer rocket science but a handy skill for any penetration tester or system and network defender, or anyone who simply enjoys a good geek project. Join our webinar series by Brian Johnson, a cybersecurity enthusiast from 7 Minute Security, to learn how to set up cracking tools in the cloud (and on the cheap!) and better protect your organisation’s Active Directory environment.

    In this session, you will learn how to:

    Crack Active Directory and wireless passwords
    Make sure your password policy is strong enough to resist password cracking
    Download and customise the popular Pwned Passwords list
    Incorporate Pwned Passwords into Active Directory for free using the open source PwnedPasswordsDLL project
    Build customised lists of additional bad passwords
  • Three Key Elements of a Successful Privileged Access Management Programme Recorded: Dec 3 2019 57 mins
    Josh Kirkwood, Security Engineer, CyberArk EMEA, Brandon Dunlap, Moderator, (ISC)²
    Privileged access exists in many forms such as Local Administrative Accounts, Domain Administrative Accounts, Service Accounts, Application Credentials and SSH Keys. Privileged accounts, credentials and secrets are found in devices, applications and operating systems.

    Experts agree it’s a best practice to ensure they are protected, managed and monitored. Whether your organisation chooses an on-premises or SaaS Privileged Access Management (PAM) solution, your program should start with steps that focus on rapid risk reduction for high value assets.

    In this session, we’ll review what is considered to be table stakes Privileged Access Management hygiene, and we’ll focus on three key areas for a Privileged Access Management security program:

    •Account Discovery and Credential Vaulting
    •Session Management and Isolation
  • Turning DNS from an IT Utility into a Foundational Cybersecurity Asset Recorded: Nov 26 2019 61 mins
    Michael Katz, Cybersecurity Specialist, Infoblox, Brandon Dunlap, Moderator, (ISC)²
    E-business relies on core network services to function, specifically name resolution through DNS and IP address handling (DHCP, IPAM).

    And yet too many organizations view these crucial services as IT utilities. As a result, they miss out on the substantial cybersecurity benefits that lie hidden in them.

    Make plans now to attend this live event where leading experts from Infoblox and (ISC)2 outline how to turn DNS and associated services into foundational cybersecurity assets. Join us and learn how the unique properties of DNS can enhance:
    Security analytics
    Malware detection, response and containment
    Security orchestration and automation
(ISC)² Secure Webinars - EMEA
Forming part of the (ISC)² commitment to Inspiring a Safe and Secure Cyber World, we welcome you to the (ISC)² Secure Webinars - EMEA Channel. Sign up to join us for educational Security Briefings, Roundtables and eSummits aimed at all those vested in the world of information security. We welcome members and non-members alike.

  • Title: eSummit 3 Cyber-Forensics - an Overview of Intrusion Investigations
  • Live at: Oct 26 2016 11:00 am
  • Presented by: Dr. Gareth Owenson, Senior Lecturer, University of Portsmouth; Christopher Laing, (ISC)2 EMEA Advisory Board Member