Tracking the Adversary: What we can learn by watching an Advanced Persistent Threat group in action
What exactly happens when an adversary is active in your environment for 7 days? How about 7 years? This talk considers a real-life instance in which a malicious, APT-associated actor remained undetected in an organisation’s network for several years, making the case for why attribution matters. During this talk, you will hear key lessons learned from the breach investigation and also gain access to the open-source tools that were integral to the success of the investigation.