Sessions

This Mobile Unpacked with Chris Vance episode will more deeply explore the SEGB file format, the tools needed for finding and validating the data stored within, and what artifacts ran off to this location after going missing from old locations such as KnowledgeC.

In this session, we will see the evolution of memory forensics and analysis including common mistakes that survived as common practices and how solving basic fundamentals will enable analysts to access to the next generation of threat detection methods.

Join Security Forensics Consultant, Doug Metz, to learn how to build your own ‘Windows to Go’ drive to support offline collections with Magnet OUTRIDER and Magnet ACQUIRE, as well free tools for live collections such as Magnet RESPONSE, Magnet DumpIt, and Magnet RAM Capture.

This talk will not only address how adversaries are leveraging existing remote access and custom tools that have proved to be beneficial in analysis against some of the most sophisticated actors.

This talk will illustrate how forensic examiners can collect physical memory and filesystem artifacts on scene as well as the methods we can use to analyze the data collected to find the artifacts relevant to the case.

In this talk, we’ll show how you can pull data from AWS Config and use it in your next incident.

his presentation will discuss a novel method to identify the phone number of an AirDrop sending device using logs found on the receiving device.

This talk will dive into methods to get after the data from VR devices. We will discuss logical acquisitions, all the way to chip-off of an Oculus.