In this lab, attendees will learn to set up a ransomware lab and walk through the response from an operational and hands-on tactical perspective. Learn how to develop indicators of compromise, understand the class of the malware and the intent of the attackers. Answer questions like, “what is the scope of the infection?” and “what artifacts are still available for analysis?” This session will follow Chatham House Rule to allow for free exchange of information and learning. We look forward to participants actively engaging in the discussion and remind attendees that no comment attribution or recording of any sort should take place. This is a capacity-controlled session. If added to your schedule and your availability changes, please remove this session from your schedule to allow others to participate.
Attendees are required to bring their own laptop to the session.