/proc for Security Analysts: Unveiling Hidden Threats and Forensic Treasures

Abstract

In the intricate landscape of cybersecurity, the ability to uncover hidden threats and analyze system behaviors is paramount.

The /proc filesystem, a critical component of Unix-like operating systems, serves as a treasure trove of real-time data and system information. This talk, “/proc for Security Analysts,” will delve into the forensic value of /proc, demonstrating how it can be leveraged to detect rootkits, uncover anomalies, and gain a profound understanding of the operating system.

Participants will learn how to navigate and interpret the vast array of data within /proc, equipping them with the skills to enhance their security analyses and bolster system defenses.

Stephan Berger

Stephan Berger has over a decade of experience in cybersecurity. Currently working with the Swiss-based company InfoGuard, Stephan investigates breaches and hacked networks as Head of Investigation of the Incident Response team. An avid Twitter user under the handle @malmoeb, he actively shares insights on cybersecurity trends and developments. Stephan also authors the blog DFIR.ch, where he provides in-depth analysis and commentary on digital forensics and incident response. Stephan has spoken at numerous conferences, sharing his expertise with audiences worldwide.

 

Asger Strunk

Asger Strunk is a highly skilled IT security professional with a wealth of experience spanning over a decade. Throughout his career, Asger has been involved in both offensive and defensive security operations, working tirelessly to protect individuals and organizations from cyber threats. His expertise in incident response is second to none, and he has an unwavering commitment to ensuring his clients are protected at all times. Currently, Asger is employed full-time by a leading Swiss cyber security company, where he specializes in incident response and brings a level of expertise that is unmatched in the industry.