{"id":60213,"date":"2025-09-05T08:07:12","date_gmt":"2025-09-05T06:07:12","guid":{"rendered":"https:\/\/www.secuinfra.com\/news\/bsides-frankfurt-2025-successful-dfir-workshop-by-secuinfra-with-realistic-attack-scenario\/"},"modified":"2025-09-08T12:09:56","modified_gmt":"2025-09-08T10:09:56","slug":"bsides-frankfurt-2025-successful-dfir-workshop-by-secuinfra-with-realistic-attack-scenario","status":"publish","type":"post","link":"https:\/\/www.secuinfra.com\/en\/news\/bsides-frankfurt-2025-successful-dfir-workshop-by-secuinfra-with-realistic-attack-scenario\/","title":{"rendered":"Hands-on incident response: how our DFIR workshop went at BSides Frankfurt 2025"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-flat ez-toc-counter ez-toc-white ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">[inhalt_uebersetzt]<\/p>\n<span class=\"ez-toc-title-toggle\"><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.secuinfra.com\/en\/news\/bsides-frankfurt-2025-successful-dfir-workshop-by-secuinfra-with-realistic-attack-scenario\/#Recognizing_understanding_and_evaluating_cyber_attacks_%E2%80%93_DFIR_training_a_la_SECUINFRA\" >Recognizing, understanding and evaluating cyber attacks &#8211; DFIR training \u00e0 la SECUINFRA<\/a><\/li><\/ul><\/nav><\/div>\n\n<p class=\"wp-block-paragraph\">Last Friday, August 29, 2025, our Frankfurt office opened its doors for a top-class <strong>DFIR workshop (Digital Forensics and Incident Response)<\/strong> as part of this year&#8217;s <strong>BSides Frankfurt<\/strong> &#8211; and became a meeting place for cyber security enthusiasts who wanted to deepen their knowledge in a practical way.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">With <strong>11 participants<\/strong> &#8211; officially fully booked with 10 places available &#8211; the workshop was not only a complete success, but also a clear sign of how great the interest in practice-oriented IT forensics and incident response is.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Recognizing_understanding_and_evaluating_cyber_attacks_%E2%80%93_DFIR_training_a_la_SECUINFRA\"><\/span><strong>Recognizing, understanding and evaluating cyber attacks &#8211; DFIR training \u00e0 la SECUINFRA<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">In the first half of the workshop, Felix, one of our experienced DFIR experts, guided the participants through the <strong>theoretical basics of digital forensics<\/strong>. Topics covered included the structured approach to incidents, relevant data sources, typical artifacts and evaluation methods. Even for experienced <strong>IT security professionals<\/strong>, the presentation offered numerous new impulses, background knowledge and best practices.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The second part was hands-on: each participant was provided with their own analysis environment in which a previously constructed <strong>realistic attack scenario<\/strong> had to be forensically examined. Supported by Christian Z\u00fclch, who took on the role of the &#8220;attacker&#8221;, the participants worked together to work out how the attack took place, how the attacker moved around the system and built up persistence. The participants&#8217; evaluations were discussed, compared with the sample solution and supplemented with valuable tips and tricks relating to tools and analysis techniques.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Our conclusion:<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">An all-round successful afternoon full of knowledge, practice and exchange &#8211; this is how our DFIR workshop as part of BSides Frankfurt 2025 can be summarized. We would like to thank all participants for their great interest and active participation. Special thanks go to Felix R., Christian Z., Eduard and Christina L., whose commitment made the workshop what it was: <strong>a real highlight for everyone who lives and breathes cyber defense<\/strong>.  <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">We are already looking forward to the next round!<\/p>\n\n\n\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-1 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0205-2-scaled.jpg\"><img fetchpriority=\"high\" decoding=\"async\" width=\"1600\" height=\"1200\" data-id=\"60192\" src=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/\/IMG_0205-2-1600x1200.jpg\" alt=\"\" class=\"wp-image-60192\" srcset=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0205-2-1600x1200.jpg 1600w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0205-2-800x600.jpg 800w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0205-2-768x576.jpg 768w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0205-2-1536x1152.jpg 1536w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0205-2-2048x1536.jpg 2048w\" sizes=\"(max-width: 1600px) 100vw, 1600px\" \/><\/a><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0017-1-scaled.jpeg\"><img decoding=\"async\" width=\"1600\" height=\"1200\" data-id=\"60176\" src=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/\/IMG_0017-1-1600x1200.jpeg\" alt=\"\" class=\"wp-image-60176\" srcset=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0017-1-1600x1200.jpeg 1600w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0017-1-800x600.jpeg 800w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0017-1-768x576.jpeg 768w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0017-1-1536x1152.jpeg 1536w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0017-1-2048x1536.jpeg 2048w\" sizes=\"(max-width: 1600px) 100vw, 1600px\" \/><\/a><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_3927-1-scaled.jpg\"><img decoding=\"async\" width=\"1600\" height=\"1200\" data-id=\"60202\" src=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/\/IMG_3927-1-1600x1200.jpg\" alt=\"\" class=\"wp-image-60202\" srcset=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_3927-1-1600x1200.jpg 1600w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_3927-1-800x600.jpg 800w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_3927-1-768x576.jpg 768w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_3927-1-1536x1152.jpg 1536w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_3927-1-2048x1536.jpg 2048w\" sizes=\"(max-width: 1600px) 100vw, 1600px\" \/><\/a><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0019-7-scaled.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"1600\" height=\"1200\" data-id=\"60180\" src=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/\/IMG_0019-7-1600x1200.jpg\" alt=\"\" class=\"wp-image-60180\" srcset=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0019-7-1600x1200.jpg 1600w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0019-7-800x600.jpg 800w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0019-7-768x576.jpg 768w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0019-7-1536x1152.jpg 1536w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0019-7-2048x1536.jpg 2048w\" sizes=\"(max-width: 1600px) 100vw, 1600px\" \/><\/a><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0202-1-scaled.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"1600\" height=\"1200\" data-id=\"60190\" src=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/\/IMG_0202-1-1600x1200.jpg\" alt=\"\" class=\"wp-image-60190\" srcset=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0202-1-1600x1200.jpg 1600w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0202-1-800x600.jpg 800w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0202-1-768x576.jpg 768w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0202-1-1536x1152.jpg 1536w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0202-1-2048x1536.jpg 2048w\" sizes=\"(max-width: 1600px) 100vw, 1600px\" \/><\/a><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_3928-1-scaled.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"1600\" height=\"1200\" data-id=\"60204\" src=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/\/IMG_3928-1-1600x1200.jpg\" alt=\"\" class=\"wp-image-60204\" srcset=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_3928-1-1600x1200.jpg 1600w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_3928-1-800x600.jpg 800w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_3928-1-768x576.jpg 768w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_3928-1-1536x1152.jpg 1536w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_3928-1-2048x1536.jpg 2048w\" sizes=\"(max-width: 1600px) 100vw, 1600px\" \/><\/a><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0206-2-scaled.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"1600\" height=\"1200\" data-id=\"60194\" src=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/\/IMG_0206-2-1600x1200.jpg\" alt=\"\" class=\"wp-image-60194\" srcset=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0206-2-1600x1200.jpg 1600w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0206-2-800x600.jpg 800w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0206-2-768x576.jpg 768w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0206-2-1536x1152.jpg 1536w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0206-2-2048x1536.jpg 2048w\" sizes=\"(max-width: 1600px) 100vw, 1600px\" \/><\/a><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/\/IMG_3931-1-1600x1200.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"1600\" height=\"1200\" data-id=\"60210\" src=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/\/IMG_3931-1-1600x1200.jpg\" alt=\"\" class=\"wp-image-60210\" srcset=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_3931-1-1600x1200.jpg 1600w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_3931-1-800x600.jpg 800w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_3931-1-768x576.jpg 768w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_3931-1-1536x1152.jpg 1536w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_3931-1.jpg 2016w\" sizes=\"(max-width: 1600px) 100vw, 1600px\" \/><\/a><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0209-1-scaled.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"1600\" height=\"1200\" data-id=\"60200\" src=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/\/IMG_0209-1-1600x1200.jpg\" alt=\"\" class=\"wp-image-60200\" srcset=\"https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0209-1-1600x1200.jpg 1600w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0209-1-800x600.jpg 800w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0209-1-768x576.jpg 768w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0209-1-1536x1152.jpg 1536w, https:\/\/www.secuinfra.com\/wp-content\/uploads\/IMG_0209-1-2048x1536.jpg 2048w\" sizes=\"(max-width: 1600px) 100vw, 1600px\" \/><\/a><\/figure>\n<\/figure>\n","protected":false},"excerpt":{"rendered":"<p>Last Friday, August 29, 2025, our Frankfurt office opened its doors for a top-class DFIR workshop (Digital Forensics and Incident Response) as part of this year&#8217;s BSides Frankfurt &#8211; and became a meeting place for cyber security enthusiasts who wanted to deepen their knowledge in a practical way.<\/p>\n","protected":false},"author":33,"featured_media":60165,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[60],"tags":[774],"dpc_coauthors":[],"class_list":["post-60213","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-cybersecurity-trends-en-2"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.secuinfra.com\/en\/wp-json\/wp\/v2\/posts\/60213","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.secuinfra.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.secuinfra.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.secuinfra.com\/en\/wp-json\/wp\/v2\/users\/33"}],"replies":[{"embeddable":true,"href":"https:\/\/www.secuinfra.com\/en\/wp-json\/wp\/v2\/comments?post=60213"}],"version-history":[{"count":6,"href":"https:\/\/www.secuinfra.com\/en\/wp-json\/wp\/v2\/posts\/60213\/revisions"}],"predecessor-version":[{"id":60223,"href":"https:\/\/www.secuinfra.com\/en\/wp-json\/wp\/v2\/posts\/60213\/revisions\/60223"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.secuinfra.com\/en\/wp-json\/wp\/v2\/media\/60165"}],"wp:attachment":[{"href":"https:\/\/www.secuinfra.com\/en\/wp-json\/wp\/v2\/media?parent=60213"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.secuinfra.com\/en\/wp-json\/wp\/v2\/categories?post=60213"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.secuinfra.com\/en\/wp-json\/wp\/v2\/tags?post=60213"},{"taxonomy":"dpc_coauthors","embeddable":true,"href":"https:\/\/www.secuinfra.com\/en\/wp-json\/wp\/v2\/dpc_coauthors?post=60213"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}