FireEye Cyber Defense Live @ Hotel Amigo
Jun 6 @ 08:00 – 18:00
FireEye Cyber Defense Live @ Hotel Amigo | Bruxelles | Bruxelles | Belgium

FireEye Cyber Defense Live

Government Forum | Tuesday 6 June – Brussels

Operationalizing Security in a New Era

In order to protect themselves, state and local governments and their partners need a clearer picture of the rapidly-evolving threat landscape that has drastically changed with new rules of engagement. Nation-state actors, cyber criminals and hackers have become less predictable. The attack surface continues to grow with the rise in connectivity, data loads and access to industrial control systems.

To identify, assess, respond to and mitigate threats such as ransomware, extortion, espionage and zero-day attacks, as well as predict and prevent the “unknown threat,” agencies need to build intelligence-led security operations. CIOs and CISOs are drowning in their own security stack while analysts are exhausted by “alert fatigue.”

Operationalizing security enables security professionals to rapidly collect, analyse and disseminate threat intelligence across the enterprise, assess risk based on an adversary’s motivation and capability and align resources to the most impactful threats.

If this resonates and you would like to learn more, please join FireEye & our selected partners to dive deeper.

Agenda

08h00 Welcome Coffee in Partners Exhibition Area
09h00 Welcome & Agenda
09h15 Cyber Security: The Strategic View
Kah-Kin Ho, Senior Director Government EMEA FireEye
09h45 Keynote: NATO JCYBER
Brigadier General Christos Athanasiadis
10h15 Cyber Operations and Incident Management in the Age of Putin
Ron Bushar, VP Mandiant Services
10h45 Coffee break
11h00 Achieving Effective Threat Prioritization
Jens Monrad, Senior Intelligence Analyst FireEye
11h30 Keynote followed by Panel on Operationalizing Security in a New Era
Moderated by Tony Cole, VP CTO Global Government, FireEye
12h30 Networking lunch
13h30 Helix Workshop
Pierre Buijsman, Director Systems Engineering FireEye
14h15 FireEye MVX
Marco Van der Aar, Consulting Systems Engineer FireEye
15h00 Coffee break
15h30 Intelligence-Led Security Workshop: Powering the Future of Cyber Defense
Kevin Tongs, Senior Technical Manager iSight Intelligence
16h30 Hunting demo
FireEye as a Service Team
17h30 Networking drink
18h00 End

Location
Hotel Amigo
Rue de l’Amigo 1
1000 Bruxelles

FireEye – Mandiant Malware Analysis Crash Course 26-27 June 2017 @ Exclusive Networks
Jun 26 @ 09:00 – Jun 27 @ 17:00
FireEye - Mandiant Malware Analysis Crash Course 26-27 June 2017 @ Exclusive Networks | Duffel | Vlaanderen | Belgium

Price: €2000 excl. VAT
Date: 26 & 27 June
Duration: 2 Days
Timing: 9h00 – 17h00
Location: Exclusive Networks

OVERVIEW
This course provides a rapid introduction to the tools and methodologies used to perform malware analysis on executables found on Windows systems using a practical, hands-on approach. Students will learn how to find the functionality of a program by analyzing disassembly and by watching how it modifies a system and its resources as it runs in a debugger. Students will learn how to extract host and network-based indicators from a malicious program. Students will be taught about dynamic analysis and the Windows APIs most often used by malware authors. Each section is filled with in-class demonstrations and hands-on labs with real malware where the students practice what they have learned.

What You Will Learn:

  • Hands-on malware dissection
  • How to create a safe malware analysis environment
  • How to quickly extract network and host-based indicators
  • How to perform dynamic analysis using system monitoring utilities to capture the file system, registry, and network activity generated by malware
  • How to debug malware and modify control flow and logic of software
  • To analyze assembly code after a crash course in the Intel x86 assembly language
  • Windows internals and APIs
  • How to use key analysis tools like IDA Pro and OllyDbg
  • What to look for when analyzing a piece of malware
  • The art of malware analysis – not just running tools

WHO SHOULD TAKE THIS COURSE
Software developers, information security professionals, incident responders, computer security researchers, puzzle lovers, corporate investigators, or others requiring an understanding of how malware works and the steps and processes involved in performing malware analysis.

STUDENT REQUIREMENTS 

  • Excellent knowledge of computer and operating system fundamentals
  • Computer programming fundamentals and Windows Internals experience are highly recommended

WHAT STUDENTS SHOULD BRING
Students must bring their own laptop with VMware Workstation, Server, or Fusion installed (VMware Player is acceptable, but not recommended). Laptops should have at least 20GB of free space. A licensed copy of IDA Pro is highly recommended to participate in ALL labs, but the free version can be used in most cases.

WHAT STUDENTS WILL BE PROVIDED WITH

  • A student manual
  • Class handouts
  • Mandiant gear
  • Lunch and drinks
FireEye – Mandiant Enterprise Incident Response Course 28-30 June 2017 @ Exclusive Networks
Jun 28 @ 09:00 – Jun 30 @ 17:00
FireEye - Mandiant Enterprise Incident Response Course 28-30 June 2017 @ Exclusive Networks | Duffel | Vlaanderen | Belgium

Price: €3000 excl. VAT
Date: 28, 29 & 30 June
Duration: 3 Days
Timing: 9h00 – 17h00
Location: Exclusive Networks

OVERVIEW
This intensive three-day course is designed to teach the fundamental investigative techniques needed to respond to today’s landscape of threat actors and intrusion scenarios. Updated yearly to reflect the latest in forensics and intrusion techniques, the class is built upon a series of hands-on labs that highlight the phases of a targeted attack, key sources of attack evidence, and the forensic analysis knowledge required to analyze those sources. Students will learn how to conduct rapid triage on a system to determine if it is compromised, uncover evidence of initial attack vectors, recognize persistence mechanisms, develop indicators of compromise to further scope an incident, and much more.

COURSE DESCRIPTION
The course is composed of the following modules, with labs included throughout the instruction.

  • The Incident Response Process – An introduction to the targeted attack life cycle, initial attack vectors used by different threat actors, the stages of an effective incident response process, and remediation.
  • Acquiring Forensic Evidence – A basic overview of the most common forms of endpoint forensic evidence collection, and the benefits and limitations of each.
  • Introduction to Windows Evidence – An overview of the key sources of evidence that can be used to investigate a compromised Windows system, including the NTFS file system, Prefetch, web browser history, event logs, the registry, memory, and more.
  • Persistence
  • Investigating Lateral Movement – An in-depth analysis of how attackers move from system to system in a compromised Windows environment, the distinctions between network logons and interactive access, and the resulting sources of evidence on disk, in logs, and in the registry.
  • Hunting – How to apply the lessons learned from the previous modules to proactively investigate an entire environment, at scale, for signs of compromise.
  • Investigating Web Application Attacks – This module focuses on how to analyze web logs to recognize and interpret common attack techniques.

WHO SHOULD TAKE THIS COURSE
This is a fast-paced technical course that is designed to provide hands-on experience with investigating targeted attacks and the analysis steps required to triage breached systems. The content and pace are intended for students with some background in conducting forensic analysis, network traffic analysis, log analysis, security assessments and penetration testing, or security architecture and system administration duties. It is also well suited for those managing CIRT / incident response teams, or those in roles that require oversight of forensic analysis and other investigative tasks.

STUDENT REQUIREMENTS
Students must have a working understanding of the Windows operating system, file system, registry, and use of the command line. Familiarity with Active Directory and basic Windows security controls and common network protocols is also beneficial.

WHAT STUDENTS SHOULD BRING
Students must bring their own laptop with VMware Workstation, Server, or Fusion installed (VMware Player is acceptable, but not recommended). Laptops should have at least 20GB of free space.

A licensed copy of IDA Pro is highly recommended to participate in ALL labs, but the free version can be used in most cases.

WHAT STUDENTS WILL BE PROVIDED WITH

  • A student manual
  • Class handouts
  • Mandiant gear
  • Lunch and drinks

FireEye Training & Workshops