
Vishavjit Singh
Senior Threat Intelligence Researcher
eSentire
Sessions
Unmasking DPRK IT Workers: Endpoint Forensics and Infrastructure Mapping
What you will learn:
• A stepwise investigation workflow for suspected DPRK‐linked workers using endpoint, network, and OSINT evidence
• A prioritized artifact list and how to validate each signal to avoid false positives
• Infrastructure and behavioral patterns repeatedly observed across cases and how to test for them
• Pre‐hire and post‐hire detection design, including telemetry requirements and escalation criteria
• Case‐based lessons learned and failure modes to avoid in real investigations