Omar Tarek Zayed

Group SOC Lead at Network International

Session Title: LOLBins: The Double-Edged Sword of Cybersecurity and How to Hunt for Them

This title emphasizes the dual nature of LOLBins (short for living-off-the-land binaries) as both legitimate tools and potential threat vectors. "The Double-Edged Sword of Cybersecurity" suggests that while LOLBins can be useful, they also pose a significant threat to organizations. "How to Hunt for Them" highlights the focus of the session, which is on identifying and mitigating LOLBin activity.

The description of the session highlights the widespread adoption of LOLBins by adversaries in their interactive intrusion campaigns and the importance of threat hunters in uncovering this activity before it can cause harm. Attendees will learn about the expected and unexpected ways that operators can use LOLBins to achieve their objectives, as well as how to identify and mitigate LOLBin activity through threat hunting techniques.

Omar Zayed is a Communications Engineer focused on Cybersecurity (SOC), with in-depth knowledge of CCNA R&S, CCNA Security, CyberOps Associate, the IBM Cybersecurity Analyst Professional Certificate, IBM QRadar SIEM Analyst & Admin, Operationalizing MITRE ATT&CK, C/C++ and operating systems.
Omar has experience in incident investigation, SOC processes, and building SIEM alerting capabilities and SIEM solutions (QRadar, Splunk, ELK Stack), as well as intermediate knowledge and experience in solving DFIR cases, implementing threat hunting/detection capabilities and purple teaming activities (adversary emulation).
Besides that, Omar is a Cybersecurity Instructor and mentor with experience in building and teaching cybersecurity diplomas and trainings for both freshmen and professionals.