SANS 2010 Digital Forensics Summit - APT Based Forensic Challenge
Last Updated: 2010-06-08 03:46:17 UTC
by Rick Wanner (Version: 2)
In conjunction with the 2010 SANS Digital Forensics and Incident Response Summit...there is a contest!
To quote Rob Lee...
"The 2010 Digital Forensics and Incident Response Summit's focus this year is examining and advancing the digital forensic professional to deal with advanced threats such as the APT and organized crime. Understanding how many of these crimes take place is crucial to creating lethal forensicators armed with the knowledge and skills to analyze complex cases. I asked Jonathan Ham and Sherri Davidoff (who co-authored the sell-out Forensics 558: Network Forensics course and created many successful contests at - forensicscontest.com) to create a contest based partially on how the APT might try and trigger a compromise to steal intellectual property via a targeted attack via spear phishing.
I'm proud to announce the Jonathan and Sherri have created an amazing contest that will challenge you to use sophisticated skills and help you see the types of attacks that could be infecting your networks today. Using published information based on the Aurora attacks they set out to recreate a sequence of events that demonstrate the challenge investigators will face when examining compromises of clicking on links via a targeted spear phishing attack. This contest is a step in the right direction to help educate and challenge forensic professionals around the country. It also provides a good example of some of the discussions we will cover at the 2010 Forensic Summit: Malware analysis, Network Forensics, and the Advanced Persistent Threat. Jonathan and Sherri will announce the winners at the Forensic Summit on July 8. We hope you win the challenge and will attend the 2010 Forensic Summit, July 8, 9 in Washington D.C. "
The contest itself is available over at the SANS Computer Forensics Blog.
UPDATE: SANS Forensics Challenge Webcast Archive is Now Online!
-- Rick Wanner - rwanner at isc dot sans dot org