Thank you for your interest. This event is at capacity. If you would like to be added to the wait list, please contact [email protected]. Thank you.

Join RSA NetWitness® Education Services for our Threat Hunting & Incident Response Workshop. Get a one-day, hands-on experience you can really use on the job.

Basic hacking from a black hat and white hat perspective: Learn about the enemy by BEING the enemy, with hands-on access to remote access tools (RATs) and exploit kits. Use these tools to exploit virtual machines using real payloads. You can’t understand your adversary’s tools, techniques, and procedures (TTPs) without sitting in their chair. Then you’ll flip the table to play the role of the network defender. Pour over the evidence of the very attack you just generated to understand how you can detect and deter such an attack in the future.

Dig deeper into threat hunting: Take the first steps beyond analysis into hunting. Decode malicious binaries and web sites to pivot from a reactionary analyst into a detective, capable of finding the fingerprints of specific advanced persistent threats (APTs) and defending against specific TTPs. You will have direct access to real threats and real malware, and learn how to use RSA’s powerful RSA NetWitness® Endpoint product, which can be used to automate workflows and simplify threat detection, so you and your team can spend less time worrying about ransomware and more time focusing on advanced threats.
This course is eligible for 6 CPE credits.

RECOMMENDED AUDIENCE: Security analysts within all verticals. RSA NetWitness customers should be aware that the instruction will be product agnostic.

Wednesday, October 24, 2018
9:00am – 4:30pm (Networking to follow)
Dell EMC New York City Office
2 Penn Plaza – 18th Floor
New York City, NY, 10121


9:00 a.m. Registration/Coffee
9:30 a.m.
Black Hat Hacking
       - Examining RAT builders and exploit kits
       - Using Malicious Tools
       - Exploiting vulnerable virtual machines with real payloads
       - Extracting malicious sessions from Netwitness Packet
12:00 p.m.
Lunch with Presentation (Lunch is Provided)
White Hat Hacking
      - Examining artifacts of an attack 
      - Decoding malicious web pages 
      - Decoding malicious binaries
3:3p.m. Automating workflows with RSA NetWitness Endpoint
4:30 p.m. End (Networking Social to Follow)

Guests will enter on 32nd & 7th Ave. There are paid parking lots on 31st & 33rd between 7th and 8th Ave. Each guest will need to check in in the main lobby and must provide security with a photo ID. Proceed to the 18th Floor.

Attendance is reserved for RSA customers and prospects only. Partners and other vendors please contact [email protected] to inquire about eligibility to attend.