
Incident Management: Investigating a Malware

  • Fri, 10/19/2018 - 11:00am - 12:00pm

Computer Science Colloquium Series
Mustapha Rachidi
Network Security Engineer and Analyst

Date:  Friday, October 19th, 2018
Time: 11:00 am
Location: Erie Hall, 2126

Abstract: The Security Analyst role is a challenging one: it requires performing a good investigation of all security incidents that occur. On that account, the role demands continuous monitoring to make sure the environment is always healthy and secure. For that reason, Security Analysts use many tools and technologies, such as Security Information and Event Management (SIEM), which provides real-time analysis of security logs and events generated by applications and network appliances. Good resolution of any incident requires an incident management process with well-defined procedures that detail the appropriate responses to incidents. The objective of such a process is to restore operations to normal when an incident occurs while minimizing risk by limiting the incident's impact. In this presentation, the different phases of an incident management process will be explained from a security analyst's perspective. Then a real application of the incident management process will be discussed: detected malware will be investigated by following the incident response management process used by the SOC to mitigate the impact, analyze the malware, and make the necessary response to restore operations to normal.

Bio: Mustapha Rachidi has over 6 years of experience in information security and networks, working with networking, storage, data centers, and security. He has been a Cisco routing and switching instructor for 3 years. Mr. Rachidi holds numerous industry certifications from Cisco, Microsoft, EMC, HPE, VMware, FireEye, Carbon Black, and McAfee. His focus on security led him to complete a Master of Engineering degree in Telecommunications and Information Security from the University of Victoria. Mr. Rachidi worked as a Security Analyst in a SOC operated by Bulletproof Solutions. Currently, Mustapha is a security engineer at IBM QRadar in Fredericton, New Brunswick. You can reach Mustapha on his email