SANS FOR508 Training Course

In conjunction with SANS, AISA is offering members a brief extract of the industry-leading SANS FOR508 Advanced Incident Response, Threat Hunting, and Digital Forensics course. Places are limited to 30 and registration cost is only $50 + GST pp.

 


Threat Hunting and Investigating WMI and PowerShell Attacks
Incident responders and threat hunters should be armed with the latest tools, memory analysis techniques, and enterprise methodologies to identify, track, and contain advanced adversaries and to remediate incidents.

This workshop, a brief extract of the industry-leading SANS FOR508 Advanced Incident Response, Threat Hunting, and Digital Forensics course, examines the investigation techniques required to respond to advanced adversaries' increasing use of WMI-based attacks. We will show the importance of developing cyber threat intelligence, from your own incidents, to impact the adversaries' "kill chain". We will also demonstrate live response techniques and tactics that can be applied to a single system and across the entire enterprise.

Who should attend:
This workshop is best suited to experienced Information Security Professionals who directly support and aid in responding to data breach incidents and intrusions. Like the SANS FOR508 Advanced Incident Response, Threat Hunting, and Digital Forensics course, this workshop is designed for:
 
  • Experienced Digital Forensic Analysts who want to consolidate and expand their understanding of investigation of technically advanced individuals, incident response tactics, and advanced intrusion investigations;
  • Incident Response team members who regularly respond to complex security incidents/intrusions; and
  • Threat Hunters who are seeking to understand threats more fully and how to learn from them in order to more effectively hunt threats and counter their tradecraft.
Prerequisites:
This is an advanced incident response and threat hunting workshop. We do not cover the introduction or basics of incident response, Windows digital forensics, or hacker techniques in the workshop, and a familiarity with these skills and concepts will be assumed.

IMPORTANT!
Laptop Required:

You will not be able to participate in this workshop without a properly configured laptop. Laptops will not be supplied by AISA or SANS. Please be sure to configure your laptop prior to the workshop with the following items:

- A valid version of Windows 10
- Administrator access
- Ability to disable AV
- No application whitelisting enabled
- The ability to disable third-party protection systems if needed
- Software to unzip a ZIP file
- At least 1 GB free space
- Wireless networking
- A working USB port

Workshop Facilitator: Josh Lemon, GREM, GCFA, GDAT, GNFA, GCIH, GPEN, GPYC, SANS Certified Instructor
Josh Lemon is a Director at Salesforce.com in their international Salesforce Security Response Centre (SSRC). Josh heads up the SSRC Strategic Response and Research Unit which is responsible for looking at new cutting-edge ways to approach incident response at scale. Josh is also a Certified Instructor for the SANS Institute where he teaches the “Advanced Incident Response and Threat Hunting” (FOR508) course.

Prior to Salesforce, Josh was the CSIRT Manager for the Commonwealth Bank of Australia, leading one of the largest dedicated incident response teams in the Australian commercial sector. He has previously worked as a Managing Consultant for BAE Systems Applied Intelligence, where he was responsible for all technical cybersecurity services for the Asia Pacific region, including overseeing large and complex incident response and offensive security engagements.

Josh has provided incident response, digital forensics and penetration testing services to Government, Law Enforcement, and the Commercial sector. He was one of the co-creators of SecTalks in Sydney, Australia, a monthly information security community event dedicated to presenting and teaching technical information security skills to others.

Josh has a varied background in the cybersecurity industry ranging from Project Management, Lead Incident Responder, Forensics Analysis, Reverse Engineer, Penetration Testing, Secure Network Design, and Software Development. He currently holds a GREM, GCFA, GDAT, GNFA, GCIH, GPEN, GPYC and lectures on investigating cyberattacks at Universities in Sydney and to international audiences for the SANS Institute.

Time:
12:00pm - 12:30pm - Registration and Lunch
12:30pm - 03:30pm - FOR508 workshop
The workshop will start at 12:30pm sharp, and it is critical that students arrive ahead of time. If you miss the first 5-10 minutes of setup you will not be able to join the class as you won't be able to catch up from there.

Location:
The Grace Hotel
77 York Street, Sydney NSW 2000
York Function Room

Cost:
The course is offered to AISA members only. Please note that to get the maximum benefit for students, we have to limit attendance to 30 attendees.

AISA member:  $50 + GST. Please sign in to register for this event.
Become a member of AISA: If you would like to become an AISA member you can join here

Register & Pay:

  • Members must be signed in to register
  • Once registered, click on the button Proceed to Checkout to make your payment via credit card
  • A confirmation of order will be emailed to you once payment has been made
  • Registrations without payment will not be accepted

Cancellation Policy:
https://www.aisa.org.au/Public/Events/Cancellation_policy 

Contact:
For any queries regarding this event please contact Susanna Palermo, Event & Sponsorship Manager via email [email protected]

When
20/11/2019 12:00 PM - 3:30 PM
AUS Eastern Summer Time
Where
The Grace Hotel 77 York Street Sydney, NSW 2000 AUSTRALIA
This event is full.