Curtis-Fechner

Curtis Fechner

Senior Incident Management/IR Consultant

Curtis Fechner is a senior security consultant in Optiv’s enterprise incident management practice. Curtis’ role is to assist Optiv’s clients in containing and investigating information security incidents, through forensic investigation and malware analysis. Curtis also assists Optiv clients in proactively evaluating their existing incident response and incident management practices and programs, to with a focus on helping organizations enhance the overall maturity of their programs and improve general security posture.

 

Escape and Evasion Egressing Restricted Networks – Part 2

· By Mike Hodges, Jason Doelger, Curtis Fechner, Brian Payne ·

Attackers and security assessors alike are utilizing a technique called domain fronting, which masks malicious command and control (C2) traffic. This blog post revisits this type of evasive offensive cyber operations, which we first covered in a previous post. In this follow-up, we will discuss and demonstrate a nuance to domain fronting, which establishes command and control (C2) channels directly to inbox.google.com as well as other *.google.com applications, and the C2 channel is even encrypted with the legitimate Google SSL Certificate for that application. We'll further share some detection techniques that can be employed in an effort to identify this type of malicious traffic.

Continue reading

Maturing IR Capabilities into an Incident Management Program – Part 2 of 3

· By Jenn Black, Jeff Wichman, Case Barnes, Erik Schmidt, Curtis Fechner ·

The capability to respond effectively to cyber incidents is one of the most critical components of an enterprise security program. However, many companies still lack a solid incident response program (IRP) entirely or don’t take incident response planning seriously enough.

Continue reading
(2 Results)