Analysis 101 and 102 for the Incident Responder

Analysts often have a theory about something found while roaming the network or conducting a hackfest, but wonder how to go about proving it. This Lab will deliver a hands-on journey deep into this world of analysis and steps to take. While analysis is a bit of an art form, there are methods that can be applied to make it less of a gut feeling and more of a scientific approach to support a hypothesis. This session will follow Chatham House Rule to allow for free exchange of information and learning. We look forward to participants actively engaging in the discussion, and remind attendees that no comment attribution or recording of any sort should take place. Pre-Requisites: No prerequisite knowledge will be required for this session. This is a capacity-controlled session. If added to your schedule and your availability changes, please remove this session from your schedule to allow others to participate.