|17 Apr||Monday||0900-17:00 CEST/GMT+2||8 Hours|
|18 Apr||Tuesday||0900-17:00 CEST/GMT+2||8 Hours|
|19 Apr||Wednesday||0900-17:00 CEST/GMT+2||8 Hours|
Attackers constantly find new ways to attack and infect Linux boxes using more and more sophisticated techniques and tools. As defenders we need to stay up to date with adversaries, understand their TTPs and be able to respond quickly. The combination of low-level network and endpoint visibility is crucial to achieve that goal. For DFIR needs we could go even further with proactive forensics inspections. This training will guide you through different attack-detection-inspection-response use-cases and teach critical aspects of how to handle Linux incidents properly.
For a comprehensive mindmap of this training, click here
Leszek Miś is a highly experienced Security Researcher with over 20 years of experience in the industry. He is the Founder of Defensive Security (https://www.defensive-security.com/), a company that provides Open Source Security Services including Red Team adversary emulations, Blue Team detection coverage testing, DFIR/Live Forensics, and high-quality knowledge transfer and training.
He has worked in various positions within the infosec field, including as a Linux Administrator, System Developer, DevOps Engineer, Penetration Tester, Security Consultant and VP Of Cyber Security as well.
He has extensive knowledge of Linux internals and got deep experience in Linux malware hands-on analysis from the perspective of red and blue team. Leszek is a recognized speaker and trainer, having spoken at various industry events such as Black Hat USA, Hack In The Box, and OWASP Appsec US.
Leszek holds many certifications, including OSCP, RHCA, RHCSS, and Splunk Certified Architect. His areas of interest include development of multi-stage attack paths with mappings to MITRE ATT&CK Framework, multi-layer defensive paths with mappings to MITRE D3FEND Framework, Linux/network ML feature extraction, Linux OS internals including eBPF, detection engineering, log behavior analysis, memory forensics, andexploration of new Linux offensive ttps vs DFIR/detection/protection techniques.