Event Calendar
Prev MonthPrev Month Next MonthNext Month
Asia Pacific Chapter: Joint Event with SANS Qualified Instructor
Morgan Stanley, International Commerce Centre
1 Austin Road West
Hong Kong China
Monday, August 13, 2018, 5:30 PM - 7:00 PM HKT
Category: Chapter Meeting

Topic: The Light Side of the Force: PowerShell for Incident Handlers

Increasingly, PowerShell is used by adversaries to laterally move and persist within victim networks. This talk discusses ways to turn the tide on this trend and put the power of PowerShell to work for you.

Speaker:

Steve Anson is a Director with Forward Defense. Since 2007, Steve has provided strategic and tactical advice to a diverse range of global clientele in the areas of incident response, digital forensics, and network security.

Steve was a special agent with the Department of Defense Criminal Investigative Service, where he investigated cyberattacks against its global Information grid, the world's largest computer network. In this role, he oversaw international computer crime investigations with substantial impact to America's national security.

Steve also previously served as an instructor for the Federal Bureau of Investigation, where he trained hundreds of veteran FBI cybercrime agents in the investigation of computer network intrusion and other computer crimes. In this role, Steve also trained agents for the U.S. Secret Service, the Naval Criminal Investigative Service, the Department of Energy, the U.S. Air Force, the Defense Criminal Investigative Service, the U.S. Army and many international agencies.

As a Task Force Agent for the FBI, Steve had the opportunity to conduct investigations into international espionage, computer network intrusions, domestic and international terrorism, fraud, crimes against children, and other cases involving the criminal use of computers.

In his experience as an instructor for the U.S. State Department, Steve has trained law enforcement, prosecutors and judges in a wide range of countries, including Malaysia, Kazakhstan, Egypt, Jordan, Kyrgyzstan, Thailand, Senegal, Bangladesh, Kenya, Colombia, Indonesia, the Philippines and many others in cybercrime investigation and digital forensics, helping these nations establish a cyber investigative capability. He has worked with a variety of national law enforcement agencies to establish digital forensics and cyber investigations units and develop policies and procedures in line with international standards.

During his tenure as a police officer, Steve founded and supervised a technical services unit with responsibility for the design, security and administration of the department's information systems as well as computer crime investigations and forensics. In this role, he conducted and led computer investigations involving imminent threat to life.

Throughout his career, Steve has received a number of industry credentials, which include: Certified Information Systems Security Professional (CISSP), EnCase Certified Examiner (EnCE), Cellebrite Certified Mobile Examiner (CCME), Department of Defense Certified Computer Crime Investigator, Seized Computer Evidence Recovery Specialist (SCERS), GIAC Certified Incident Handler (GCIH) and GIAC Penetration Tester (GPEN) . He has served as an Adjunct Professor for George Washington University's Master of Computer Forensics program, and is a certified Lead Assessor for laboratory competence in ISO 17025:2005 with the American Association for Laboratory Accreditation.

Steve holds an MS in Computer Science and is the co-author of Mastering Windows Network Forensics and Investigations from Wiley Publishing.

Venue:

Boardroom, Morgan Stanley, International Commerce Centre, Tsim Sha Tsui

Contact: Bonnie So, President of HTCIA Asia Pacific