Speaker: Antonio Forzieri
Watch the lecture on the YouTube channel of the master.
Abstract: Advanced Persistent Threats can be challenging to detect and investigate. Multiple alerts need to be analysed and connected in order to get a clear understanding of how the attack was conducted and what its impact was. During this seminar we will assume the role of a Security Analyst and use Splunk Enterprise Security and Splunk UBA to dig into the alerts and get a clear understanding of all phases of the attack. During our investigation, we will be able to understand how the attacker found his way into the company, how he escalated privileges, how he moved laterally and how he exfiltrated data, leaving behind traces that will be key for us to reconstruct his malicious activities.
Short bio: At Splunk, Ing. Antonio Forzieri is responsible for the Cyber Security offering for EMEA. Previously Antonio worked at Symantec as a Global Cyber Security Practice Lead, supporting customers in complex Cyber Security Initiatives ranging from building/evolving Cyber Defense Centers to supporting customers in Cyber Security Intelligence Programs. Antonio Forzieri holds a degree in Telecommunication Engineering from Politecnico di Milano, where he is also a lecturer for the course “Internet: Mobility and Security”.
Download the poster.
Click to download the slides.