FRIDAY, 8:00 AM - 12:00 PM
C# for Blue Team
Instructors:
- Zac Brown, Red Canary Principal Software Engineer
- Adam Mathis, Red Canary Director of Information Security
- Michael Sullivan, Red Canary Incident Handler
As adversaries extend tools and capabilities to use the .NET Framework, it is important for defenders to understand the architecture and opportunities for detection. This introductory to intermediate level training is designed to be a deep dive into .NET, by specifically working with C#.
Attendees will learn:
- Modern uses of adversarial uses of C#
- How to develop sample attacks and look at detection engineering.
- How to understand and respond to .NET binaries encountered during an investigation.
About the instructors
Zac Brown
Principal Software Engineer
Zac Brown is a principal software engineer at Red Canary focused on blue team detection & engineering. Prior to working at Red Canary, he worked for Microsoft on the Windows team and later the Office 365 security team. Zac likes long walks on the beach, operating systems internals, and working on compilers. In his non-existent free time, he enjoys spending time with his wife, daughter, and dogs, reading, and cooking.
Zac Brown is a principal software engineer at Red Canary focused on blue team detection & engineering. Prior to working at Red Canary, he worked for Microsoft on the Windows team and later the Office 365 security team. Zac likes long walks on the beach, operating systems internals, and working on compilers. In his non-existent free time, he enjoys spending time with his wife, daughter, and dogs, reading, and cooking.
Adam Mathis
Director of Information Security
Adam is a security leader, beard enthusiast, and heavy metal connoisseur. For the better part of a decade, he has worked across multiple security disciplines, such as architecture design and implementation, penetration testing, security engineering, and incident handling and response.
Adam is a security leader, beard enthusiast, and heavy metal connoisseur. For the better part of a decade, he has worked across multiple security disciplines, such as architecture design and implementation, penetration testing, security engineering, and incident handling and response.
Mike Sullivan
Incident Handler
Mike's been been playing with computers for more than 30 years. As a professional, he's worked in government—at the federal, state, and local levels—and in the private sector. Mike's diverse job history includes stints as an information assurance watch officer, incident responder, threat hunter, SOC manager, penetration tester, and security architect. Mike has a passion for bringing enterprise-grade security to organizations of all sizes by offering experienced guidance and open-source solutions.
Mike's been been playing with computers for more than 30 years. As a professional, he's worked in government—at the federal, state, and local levels—and in the private sector. Mike's diverse job history includes stints as an information assurance watch officer, incident responder, threat hunter, SOC manager, penetration tester, and security architect. Mike has a passion for bringing enterprise-grade security to organizations of all sizes by offering experienced guidance and open-source solutions.