10-11, 10:00–12:00 (America/New_York), Track 3 (205c)
Language: English
Step into the IR front lines in this interactive TTX session, where you'll navigate a simulated incident. Participants will make critical decisions and respond to real-world TTPs and threats. In this session, we'll take the audience through a series of unfolding challenges, allowing them to gain practical insight into utilizing tabletop exercises their cybersecurity readiness, test their knowledge and work with their peers to respond to a major enterprise incident. The session will cover crucial elements of an enterprise incident as an audience-based interactive talk, and discuss how to build and run a similar session with your own team.
- Intro (Who, what, why) (3 min)
- Rules of engagement (how to play, what NOT to do) (2 min)
- TTX session (35 min)
- Scenario will be drawn from anonymized incident data
- Technical problem-solving slides will be used at least twice (DFIR questions, Containment, Triage questions)
- TTPs will be primarily SPIDER actor based, with some SE and interactive intrusion tactics - Debrief: how to run and set up a TTX (10 min)
Join us for an amazing security workshop with our main sponsor CrowdStrike!!
I have 20+ years of experience in a few different security fields as a manager, a senior analyst, Incident Response lead and senior consultant. I've also worked on the IT side of the house, and doing 'physical' security work, as a venue and personal security manager and planner.
My other career interests include city planning and development (CPTED and networked cities), photojournalism, audiovisual work and media production- I've been included in teams working in all of these fields over the c