Service Security Challenge 2019 - Forensics and debrief
- Sven Gabriel (NIKHEF)
The Security Workshop at the EGI Conference 2019 will address aspects of the recent Service Security Challenge run against the EGI infrastructure, SSC-19.03. The intended audience for the workshop includes system administrators and security contacts, as well as FedCloud users operating services connected to the internet.
The participants will get an introduction to the basic forensic techniques needed to successfully respond to the simulated attack
mounted during SSC-19.03. The attack was designed to allow the responders to find a set of artifacts by applying a range of forensic techniques of increasing complexity.
In the hands-on session, the participants will be provided with a VM infected with the 'malware' used in SSC-19.03. They will then be guided through the methods necessary to solve the challenges built into the simulated attack.
An additional introductory session would give an overview of the EGI CSIRT procedures and background to the development of technology used to run SSC-19.03