NTTDATA-CERT Member Presents Briefing Session at SecTor 2024 (hosted by Black Hat)
Presentation by our NTTDATA-CERT member selected for SecTor 2024 (hosted by Black Hat), an international cyber security conference.
Past events
OVERVIEW
We are pleased to announce that our member in charge of NTTDATA-CERT of NTT DATA Group Corporation (hereinafter referred to as "NTT DATA Group") will be a speaker at SecTor 2024, an international conference in the field of cybersecurity, hosted by Black Hat. SecTor (Security Education Conference Toronto) is one of the prominent international conferences in the field of cyber security where technically advanced and practical knowledge is shared. Through a rigorous peer-review process, the novelty, originality, and public interest of our member's presentation were acknowledged and selected.
Session Overview
DFIR (Digital Forensics and Incident Response) practitioners need to examine a wide variety of artifacts such as event logs, registries, file systems, and memory at the time of an incident. Furthermore, in environments where EDR and SIEM solutions have not been implemented or are not fully operational, it is extremely difficult to quickly and comprehensively investigate these artifacts.
In this session, as a solution to the above issues, we will explain the DFIR methodology that utilizes the open source tools Hayabusa *1 and Takajo*2 developed by the YamatoSecurity Group*3 in Japan and the knowledge of the Sigma community *4 . Utilizing these open source tools, and through simple command line operations, we will show how community knowledge can be quickly and efficiently incorporated to significantly improve the accuracy and efficiency of a survey.
SecTor
SecTor is Canada's leading Black Hat-sponsored international conference gathering experts and researchers at the forefront of the cybersecurity field. Since its inaugural event in 2007, SecTor has attracted a large number of attendees each year, providing the latest information on information security research, developments, vulnerabilities, attack methods, and trends.
Last year's SecTor 2023 had more than 4,100 attendees, making it a large international conference where cutting-edge security topics were shared. This year, we expect that many industry leaders and experts will gather to discuss and share cutting-edge security topics.
NTTDATA-CERT
NTTDATA-CERT, to which the speaker belongs, is the CSIRT organization (Computer Security Incident Response Team) of the NTT DATA Group. NTTDATA-CERT works with domestic and international organizations on security measures to prevent and respond to incidents.
In addition, NTTDATA-CERT is promoting efforts to contribute to the improvement of society's security, and as an example, together with the volunteer members of the YamatoSecurity group, we are developing and promoting open source tools such as Hayabusa/Takajo/Sigma, which will be explained in this presentation.
Speaker
Fukusuke Takahashi
Assistant Manager, NTT DATA Group Corporation
Fukusuke Takahashi has been with NTTDATA-CERT (NTT DATA Group Corporation's CSIRT) since 2018, specializing in IR, OSINT, and SOAR. He is a member of Yamato Security and one of the core developers of the OSS tools "Hayabusa" and "Takajo". He is also a contributor to the Sigma projects featured in this session. He enjoys fixing bugs and reporting vulnerabilities in OSS Blue Team tools and has published multiple CVEs. He has presented at conferences such as the Annual FIRST Conference and SECCON.
Speaker information on SecTor 2024 website- Date and Time
- October 24 2024
- Location
- Metro Toronto Convention Centre
- Share Event
Program of activities
- Agenda - October 24 2024