Advanced Network Archaeology
Monday, May 3 - Thursday, May 6
Sharpen your skills with Simulation
Cyber Fire Simulation gives participants a full week to work with data from a historical event, with veteran investigator assistance. This is not an event to learn a new skill, but rather sharpen existing skills working with real data.
Participants act in one of four groups:
- Network Archaeology
- Malware Analysis
- Host Forensics
- Incident Coordination
Attendees start with an initial indicator and a piece of evidence, and work as a single team to respond to the incident.
The incident response team is expected to process network traffic, event logs, packet capture, memory images, hard drive images, and windows registry.
During daily executive management briefings, Simulation participants provide:
- investigation updates
- recommendations to the site for remediation
- a list of infected resources
- all evidence gathered to date
- updated indicators of compromise
Event staff serve as mock IT, distributing collected evidence when asked, mock counterintelligence, sharing indicators to keep the group progressing, and as general computer security experts giving other tips and tricks as needed.
Past and Future Events
- Advanced Network Archaeology
- 2021 May 3 to May 6
- Virtual Simulation
- 2020 Oct 19 to Oct 22
- Virtual Simulation 1
- 2020 Sep 21 to Sep 24
- SNL Simulation
- 2019 Dec 16 to Dec 19 : Albuquerque, New Mexico
- PNNL Simulation
- 2019 Sep 3 to Sep 6 : Richland, Washington
- IARC Simulation
- 2018 Jan 22 to Jan 25 : Las Vegas, Nevada