Sign up for upcoming workshop dates

Historically, tackling email-based threats has been considered the purview of black-box vendor solutions, with defenders having limited scope (or tooling!) to swiftly and effectively respond to emerging attacker activity and novel offensive tradecraft.

In this workshop, you will:
- gain insights into the latest techniques used to deliver malware strains like IcedID and Emotet
- hunt through email data to identify malicious activity and develop rules to detect and block attacks
- leave with a strong understanding of tools and techniques to defend your organization from email threats

We'll cover common phishing techniques including:
- QR Code phishing
- Callback phishing
- VIP Impersonations
- HTML smuggling via links/attachments
- Malicious VBA macros
- OneNote / LNK file malware
- PDF attachments with embedded links to malware
- Credential phishing
- and more!

You'll be guided through the rule creation process, utilizing free and open detection engines including Sublime and YARA, while dissecting faithfully reproduced malware in's payload collection. Expect to leave with a strong understanding of the signals and email attributes that can be used to craft high-fidelity rules.

Workshop: Email Detection Engineering + Threat Hunting

Hosted by:

Alfie Champion
Josh Kamdjou
Founder & CEO
Sublime Security
