Live Webcast|1 hour

Inside 1,500+ incidents: When trusted tools become attack vectors

You’ll learn:

  • How attackers exploit trusted tools and everyday business processes to evade detection
  • Lessons from three real incident-response engagements and the indicators defenders may miss
  • Practical steps to close visibility gaps and strengthen detection against trust-based attacks
August 10, 2026
2:00 PM ET
Sponsored by:

Reserve Your Spot for Our Upcoming Webcast

By clicking the Register button below, you agree to SC Media Terms of Use and Privacy Policy.

With 300+ incident-response experts responding to more than 1,500 engagements each year, LevelBlue sees how modern attackers evade detection by abusing trusted tools, processes, and human behavior.

Join Devon Ackerman, Global Services Leader of DFIR and former FBI Supervisory Special Agent, as he shares three real-world cases: Microsoft Graph API abuse for stealth data exfiltration, SEO poisoning that creates accidental insider threats, and help desk social engineering tied to MFA resets.

We'll discuss how each one could have been detected and the steps you can take to prevent similar attacks.

Event Speakers

Devon Ackerman
Global Leader for Digital Forensics and Incident Response Services at LevelBlue

Devon Ackerman is the Global Leader for Digital Forensics and Incident Response services at LeveBlue. Devon provides strategic leadership and hands-on engagement management expertise across LevelBlue’s portfolio of global consulting services. His background is as a hands-on investigator drawing from his extensive experience while with the Federal Bureau of Investigation (FBI) as a Special Agent and Senior Digital Sciences Forensics Examiner. He has overseen and coordinated digital forensic and incident response operations across the United States, with incident types ranging from corporate espionage (insider threat) and data sabotage (ransomware) events to national security (nation state cyber threats) and trespasser activity related investigations (network and cloud intrusion events).

During the course of Devon’s 25 years of Cyber-focused experience, he has testified in federal and state courts as an expert witness on Digital Forensics, lead global DFIR teams for three comp, and contributed to the development of numerous industry leading digital forensic tools. He was the course material revision architect and co-author for the FBI’s CART Tech Certification program and Digital Evidence Extraction Technician (DExT) training curriculums and authored the best-selling book “Diving In: An Incident Responder’s Journey”.