Link Search Menu Expand Document

Web Banner
Back to Pre-Conference Training Page

Back to Conference Home Page

Everything is Fine: Making the Most of a Security Incident

One-Day Interactive (Classroom) Training - AppSec New Zealand Conference 2021


This is a workshop all about security incident response. It will be run in-person by two people who have gone through various different types of incidents and emergencies and have lived to tell the tale.

This course is perfect for those developers, engineers, security professionals, testers, analysts, advisors who might find themselves one day having to get their hands dirty. It will be a focused workshop, using examples, to help you know the hygiene you should follow and actions to take.

Course Details

Dates: Thursday, 11 February 2021

Time: 8:45 a.m. to 5:30 p.m. (NZDT)

Instructors: Erica (‘sput’) Anderson, SafeStack, and Izzi Lithgow

Course Fee: NZ $450.00 (plus GST and ticketing fees)

Registration Site:

Maximum Enrolment: 65 attendees

Attendees Should Bring:

Attendees need to come prepared with:

  • Some way to take notes in whatever format suits them - notebooks, laptops, post-it notes.
  • Brain power - so get a good night’s sleep, and come prepared for some role playing adventure
  • An idea of how they want to apply what they are learning - especially for those of you currently at organisations that have a few things to improve on. Coming to the workshop already knowing how your organisation currently detects and responds to security incidents, which teams or roles are often involved, and how they have survived previous incidents can all help you know where to begin.

Course Outcomes:

By the end of the day, we are hoping the attendees will leave with:

  • Core knowledge of what is involved in incident response, and how you can apply those concepts to various situations
  • A more well-rounded toolkit - including some free resources and external organisations that can help when you aren’t sure what to do
  • Confidence of knowing who to talk to (inside and outside the org) and what to do when an incident happens

Course Outline

During this one-day workshop, we are going to:

  1. Understand what is involved in security incident response, and who is involved
  2. Why it is important, and how you can find value even when after having an incident
  3. ‘Choose your own [security] adventure’, and a detailed step through a malware and ransomware related incident
  4. Storytime with Erica and Izzi, as they explain how to re-apply the concepts from one incident type to others
  5. The ‘TL;DR’ version of a choose your own adventure, with a rapid-fire walkthrough of a Denial of Service incidents

Your Instructors

Erica (‘sput’) Anderson

Erica has worked in and can empathise with most IT and tech roles. Over the past seven years, she has been a consultant, engineer, tester, analyst, incident responder, and teacher. She has worked with a wide range of organisations, from small NZ businesses to global corporations. Being in Wellington, she has also done her share of public sector work. She knows what it feels like to try and move fast while staying secure.

Aside from work and various speaking events, Erica loves spending her time causing general chaos in the New Zealand infosec community by running events like Kiwicon, Kawaiicon, BSides Wellington, and Code Club Aotearoa. Twitter: @sputina

Izzi Lithgow

Izzi is a seasoned communications professional who has been responding to all sorts of incidents for over a decade, from national emergencies to hospital power outages. For the last few years, her focus has been on security incident response and the crucial role of communications when responding to security incidents. Izzi has spoken at conferences nationally and internationally on communicating security, including at Kawaiicon, CHCon, CyberCon, and FIRST. LinkedIn