James John
James is a Chartered Incident Response Professional with extensive expertise in Digital Forensics and Incident Response (DFIR). Certified by SANS, he brings over nine years of specialised experience to the field, having conducted both criminal and civil forensic investigations across public and private sectors.
In his current role, James leads security operations and incident response investigations for Bridewell's diverse client portfolio. His expertise spans critical national infrastructure, finance, hospitality, and FinTech industries, serving clients throughout the UK and US.
Session
A real compelling case study where an unknown ransomware actor's last-minute pivot revealed an entirely different threat group orchestrating the attack. This talk demonstrates how threat hunting analytics and infrastructure tracking techniques uncovered the deception, providing attendees with practical detection engineering methods and actionable insights for identifying threat actor misdirection in their own environments.