Getting started in DFIR: Testing 1,2,3 | Phill Moore

SANS Digital Forensics and Incident Response
Getting started in digital forensics has never been easier. There's a myriad of ways into the field, but those that set themselves apart supplement training with personal research. One could even say that it's hard to just do one without the other. Seeing how your actions appear in the data will allow you to have a more complete understanding of what's going on under the hood. In this session, we look at some easy (and free!) methods of testing forensic artifacts to understand how they work, and how to identify potential activity that created them.

Speaker Bio
Phill Moore has always focused on finding fulfillment through his work, which is why he abandoned his initial pursuit of a career as a business analyst to seek out something that really sparked his interest and felt worthwhile. A career in Digital Forensics and Incident Response (DFIR) was the perfect fit. Whether prosecuting an offender, stopping an attacker, or saving a business, Phill says that the impact his DFIR work has on people's lives makes it all feel worthwhile. And he has extended his footprint through his research and his work as a SANS instructor for FOR500: Windows Forensic Analysis. He writes a weekly blog called This Week in 4n6 that provides a roundup of news and updates about DFIR, and he produces a monthly podcast covering a selection of important recent articles. Phill also has a personal research blog documenting some of his DFIR research on topics such as Zone identifiers, examination documentation, and an introduction to mounting APFS volumes on macOS. Phill's tools, including his GSERPent Google URL Parser and his Homespeak tool for interacting with Google Home devices, can be found on his GitHub page. He was nominated for the Forensic 4Cast "Blog of the Year" award in 2017 and 2018 and was selected to speak at the SANS DFIR Summit in 2018. In 2019, he was nominated for the Forensic 4Cast "Resource of the Year", "Podcast of the Year", and "Social Media Contributor of the Year".
