This workshop will qualify for 4 CPE credits. Certificates will be passed out at the conclusion of the event.
Our collaborative workshop is designed to:
- Review capabilities for each stage of a response
- Introduce key strategies for each stage
- Discuss IR objectives, business risk, operational requirements, and threat intelligence
- Identify key stakeholders and expectations
Wednesday, November 28, 2018
8:30am – 1:00pm (Lunch will be served)
Charter Office Campus
6175 South Willow Drive
Greenwood Village, CO 80111
|08:30 am||Registration and Coffee|
|09:00 am||Kick off and Introduction|
Operationalizing Incident Response
Shane Harsch - Senior Solutions Principal, RSA NetWitness
Creating a Hunting Program and Efficiencies in a Hunting Program
Shane Harsch - Senior Solutions Principal, RSA NetWitness &
Matt Tharp - Level 3 Analyst, Dell EMC CSIRT
|11:45 am||Hunting Techniques – Matt Tharp|
|01:00 pm||Wrap up|
Matthew Tharp – Level 3 Analyst, Dell EMC CSIRT
Matthew Tharp was a Level 3 Analyst in the Dell/EMC Cyber Security Investigation and Response Team (CSIRT) who now spends his time doing network forensics and malware analysis. He grew up as an embedded firmware developer for guidance systems at a defense contractor and moved into security after developing the software stack to handle the TCP/IP stack in embedded systems. They let him out of his lab of 1’s and 0’s to talk with security professionals about the techniques he used to help protect one of the largest IT companies in history.
Shane Harsch is an Information Security professional with over 25 years of experience ranging from military to manufacturing to security consulting and professional services. He has managed and architected SOCs for the military and managed service providers and is a commissioned officer in the US Army, Military Intelligence. Shane holds degrees in business (MBA) and computational linguistics (BA), and maintains the following certifications: Intrusion Analyst (GCIA), Incident Handling (GCIH), Enterprise Defense (GCED), and Information Security (CISSP). In addition to his responsibilities as a Senior Solutions Principal at RSA, Shane fosters new professionals to information security as a SANS Mentor.
Attendance is reserved for Charter employees, RSA customers and prospects only. Partners and other vendors please contact [email protected] to inquire about eligibility to attend.