In this lab, attendees will learn to set up a ransomware lab and walk through the response from an operational and hands-on tactical perspective. Learn how to develop indicators of compromise, understand the class of the malware and the intent of the attackers. Answer questions like, “what is the scope of the infection?” and “what artifacts are still available for analysis?” This session will follow Chatham House Rule to allow for free exchange of information and learning. We look forward to participants actively engaging in the discussion and remind attendees that no comment attribution or recording of any sort should take place. This is a capacity-controlled session. If added to your schedule and your availability changes, please remove this session from your schedule to allow others to participate.
Attendees are required to bring their own laptop to the session.
Watch On Demand
Log in to your event account now to view slides, downloads and on demand videos. Not yet registered for RSAC 2022? View Passes
Ineligible Pass Type
Your pass type doesn't allow access to this video or resources. If you'd like to upgrade your pass, please call 844-201-6567 (toll free US) or +1 781-222-0051 (outside the US).
Hackers & Threats
endpoint security incident response Malware ransomware endpoint detection visibility & response
- Full Conference
Share With Your Community