Name: Hands-On Incident Response and Forensics Workshop
Start: 2025-09-29T00:30:00+02:00
End: 2025-09-30T21:30:00+02:00
Location: CERN

Hands-On Incident Response and Forensics Workshop

from Monday, 29 September 2025 (00:30) to Tuesday, 30 September 2025 (21:30)
CERN (37/R-022)

: Sessions

: Talks

: Breaks

29 Sept 2025

30 Sept 2025

08:30	--- Welcome Session ---
09:00	Introduction to incident response 02-IncidentResponse.pdf
09:30	Attacker objectives 03-AttackersMotive.pdf
10:00	--- Coffee Break ---
10:30	Essentials of data collection 04-DataCollection.pdf

09:00	File System and Timeline Analysis 09-Filesystems.pdf
09:40	Persistence Mechanisms 10-Persistance.pdf
10:00	--- Coffee Break ---
10:30	Live Incident Response Exercise

12:00	--- Lunch Break ---
13:30	Malware Introduction 05-MalwareIntroduction.pdf
14:00	SIEM 2023-08-14__SOC_Data_Collection.pdf
14:20	Command and Control 06-C2s.pdf
14:45	--- Coffee Break ---
15:15	Malware Payloads 07-MalwarePayloads.pdf
16:00	Rootkits 08-Rootkits.pdf
17:30	--- CERN Visit ---

12:00	--- Lunch Break ---
13:30	Live Incident Response Exercise
14:45	--- Coffee Break ---
15:15	Live Incident Debrief + Round Table
16:30	Summary and Takeaways

Choose timezone