Cyber Fire Simulation

Cyber Fire Simulation

Participants will be broken up into three teams, network archaeology, malware analysis, and host forensics, along with a daily volunteer from the attendees serving as the incident coordinator, to re-work a prior incident. Participants start with the initial indicator and piece of evidence collected and work as one large team to respond to the incident. Event staff serve as mock IT, giving out other collected evidence when asked, mock counterintelligence, giving bad indicators to keep the group progressing, and as general computer security experts giving other tips and tricks as needed.


Date: TBD

Location: TBD

What to Bring

A computer with your favorite incident response and forensics tools. You will be told which team you will be on before the event so you can prepare your favorite tools.