SANS ICS Security Summit 2023
Establishing your baseline
Speaker: Michal Legin, Security Engineer, Google
Incident Response in ICS differs from that in traditional IT environments: some investigative techniques are simply not applicable, whereas others might be more effective. This session will explain how to build a database of expected hashes with hashR, then leverage this dataset to speed up forensic analysis, reduce noise, and find relevant data. Attendees will return to their environments capable of utilizing these techniques with open-source software (hashR, Plaso, Timesketch).
View upcoming Summits: www.sans.org/u/DuS