Mathias Fuchs
Senior InstructorVP Investigation and Intelligence at InfoGuard
Specialities
Digital Forensics and Incident Response
SEC504: Hacker Tools, Techniques, and Incident Handling
SEC504Offensive Operations
FOR608: Enterprise-Class Incident Response & Threat Hunting
FOR608Digital Forensics and Incident Response
- GIAC Enterprise Incident Responder (GEIR)
- 6 Days (Instructor-Led)
- 36 CPEs / 36 Hours (Self-Paced)
- Labs: 20 Hours of hands-on instruction
FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics
FOR508Digital Forensics and Incident Response
- GIAC Certified Forensic Analyst (GCFA)
- 6 Days (Instructor-Led)
- 36 CPEs / 36 Hours (Self-Paced)
- Labs: 35 Hours of hands-on instruction
Virtual Events
Explore content featuring this instructor’s insights and expertise.
- Slide 1 of 5
大規模なインシデントレスポンスの対処法
大規模なインシデントレスポンスは、従来のフォレンジックアプローチを拡張するものではなく、全く別の対処が必要となります。Mathiasは、100,000以上のエンドポイント端末を所有する組織において大規模なインシデントに対処する際のさまざまな落とし穴に焦点を当てます。この講演では、多くのポイントを取り上げますが、特にドキュメンテーションに焦点を当て、それがどのようにリソースや被害者、その他のステークホルダーのマネジメントと結びついているかを説明します。
WebinarDigital Forensics and Incident Response
- 15 Mar 2023
- 19:00 UTC
- Mathias Fuchs
- Slide 2 of 5
SANS Community Night Secure Singapore 2023 - Managing Large-Scale Response
Large-scale incident response is not about scaling classical forensic approaches, it's an entirely different field. In his talk, Mathias will focus on the various pitfalls when handling major breaches in organizations with well above 100.000 endpoints. While there are many points to cover, the main focus of the talk will be on documentation and how it ties into managing resources, the victim and other stakeholders.
WebinarDigital Forensics and Incident Response
- 15 Mar 2023
- 19:00 UTC
- Mathias Fuchs
- Slide 3 of 5
Memory Forensics Acquisition in the Cloud
As more and more organizations begin moving their resources to the cloud, analysts and responders must be prepared to operate in this new landscape. One aspect of traditional forensics that we must learn to implement in the cloud is memory forensics.
WebinarDigital Forensics and Incident Response
- 10 Apr 2023
- 13:00 UTC
- Mathias Fuchs & Megan Roddie-Fonseca
- Slide 4 of 5
2023 Survey Event | Threat Hunting: Focusing on the Hunters and How Best to Support Them
As vendors develop new software or tools for threat hunting, we need to remember that threat hunting is predominantly a human-based activity in looking for incidents that our automated tools have not yet found, or cannot yet detect. This year, our survey will focus on the hunters themselves and how their organizations support threat hunting. Are hunters asked to complete multiple tasks at once? How much focus is given to threat hunting compared with other cybersecurity tasks? We look further at the skills that threat hunters must hone as that are just starting out, to skillsets of those who have been hunting for many years. We again will compare year-on-year trends to see how organizations have shifted their perspectives on threat hunting.
WebinarDigital Forensics and Incident Response- 19 Apr 2023
- 10:30 UTC
- Mathias Fuchs, John Gamble, Chris Hall + 2 more
- Slide 5 of 5
SANS 2024 Threat Hunting Survey: Hunting for Normal Within Chaos
In recent years, the cyber threat landscape has evolved significantly, blurring the lines between tactics, techniques, and procedures (TTPs) used by cybercrime and nation-state-sponsored attacks. On this webcast, SANS certified instructors Mat Fuchs and Josh Lemon will explore results of our 2024 Threat Hunting Survey, and reveal how organizations are changing their proactive hunting activities and their use of hunting for unusual patterns, behaviors, and artifacts within network traffic and endpoints to catch threat actors who continually try to side-step detections. Register for this webcast now, and you will automatically receive the companion white paper upon publication.
WebinarSecurity Awareness
- 20 Mar 2024
- 10:30 UTC
- Mathias Fuchs, Josh Lemon, David Bianco + 2 more