Presentation video and slides from last week’s Security Weekly show, where I talked about Logstash in forensic investigations.
Category: Computer Forensics
Slides from SANS @Night, Bangalore India
I really enjoyed giving a SANS @Night talk in Bangalore, India this week. The slides are below. If you have any questions, please don’t hesitate to let me know. 2014-09 Logs Logs Every Where
Slides from SANS @Night: There’s GOLD in Them Thar Package Management Databases
I still need to pull the commands out of this presentation, which I’ll add to this post as soon as I have a chance. In the meantime, here are the slides from that talk. If there is video available, I’ll link it here as well. Thanks to everyone who attended and provided feedback!
VMware Snapshot Forensics
I recently determined the format for timestamps indicating when VMware Snapshots were initially created, as logged in the *.vmsd file.
DoD Cyber Crime Conference 2012: A Recap
I was fortunate enough to attend this year’s DoD Cyber Crime Conference, in Atlanta, GA. While these events are always great opportunities to meet up with old friends, I also took away a lot of useful information on the current and evolving state of computer forensics and the greater information security community. Partially as a…
Crosspost: SANS Network Forensics (FOR558) in Arlington, VA
Now that the holidays are over, it’s time to re-focus on challenges ahead. That includes training to help you to successfully tackle those tasks ahead in the new year. It’s an ideal time to join Phil Hagen in Arlington, VA for FOR558: Network Forensics. This course has been in high demand, and now you’ll be…