DeepSec 2018 Talk: Leveraging Endpoints to Boost Incident Response Capabilities – Francisco Galian, Mauro Silva
Francisco Galian, SME on Incident Response & Digital Forensics. Leading the response during security incidents, compromised networks and data breaches. Helping customers in a proactive way by providing trainings, table top exercises and active threat assessments.
Previous roles include assessing security on a Critical National Infrastructure, consultancy and being main developer of Threat Intel solutions like malware sandboxes.
Mauro Silva’s interests can be summarized by two words: challenges and scripting. He loves challenges, and scripts every repetitive task he can.
In his current position he leads a team responsible for threat hunting within a telco environment. He has also developed a training program for it that includes simulation of incidents and puts the team into several roles present in order to enable it to understand the nuances of an incident. That includes red teaming (aka pentesting).
In his past positions he has focused mainly on Incident Response and Forensic Investigations. He was also involved in the development of a Threat Intel gathering tool called IntelMQ. Mauro always tries to streamline his team’s work by automating everything that can be automated. He’d also represented his previous employers at several conferences and led a nation wide cybersecurity exercise.