On August 15-16, attendees joined us in Austin, TX or tuned in Live Online for the SANS DFIR Summit for its 15th anniversary!
We invited Ashton Rodenhiser of Mind's Eye Creative to create graphic recordings of our Summit presentations. If you missed a talk or are looking to view the Summit through a visual lens, take a look at the recordings below.
In addition to graphic recordings, PDFs of Summit presentations will be made available on the SANS Summit Archives page (SANS account required) and videos will be posted to YouTube over the next several months.
*If you registered for the Summit, video recordings are available on your Summit Access page in your SANS Portal.
Keynote: DFIR Evidence Collection and Preservation for the Cloud
Building a Pattern of Life - Leveraging Location and Health Data
Missing Pieces - Tips and Tricks on how to ensure your acquisitions aren’t missing critical dataJessica Hyde, Founder, Hexordia | Cesar Quezada, Research and Development Engineer, ArcPoint
A little bit of this, a little bit of datBrian Maloney, SANS Alumni
Stepping Out of the Android Malware Sandbox - Running & Analyzing Malware on a Physical HoneyphoneJoshua Hickman, Vice President, Cyber Risk Practice, Kroll
The Truth About USB Device Serial Numbers – (and the lies your tools tell)Kevin Ripa, Certified Instructor
Establishing Connections: Illuminating Remote Access Artifacts in WindowsFernando Tomlinson, Principal Digital Forensics and Incident Response Consultant, Mandiant
Cracking the Beacon: Automating the extraction of implant configurationsDerek Ditch, Principal Security Research Engineer, Elastic | Jessica David, Senior Security Data Engineer, Elastic
Stay ahead of the game: automate your threat hunting workflowsTowne Besel, Security Engineer, Cisco
Keynote: The Godfather of Forensics: How to Leverage Your “Year One” to Get an Offer You Cannot RefuseRob Lee, SANS Fellow
Hunting for Active Directory persistenceThomas Diot, Senior Consultant | Incident response, Wavestone
Hunting threat actors using OSINT forensicsAbi Waddell, DFIR Manager and Founder of Inquirix, Inquirix
Conducting Forensic Examinations in Zero Trust EnvironmentsJustin Tolman, Forensic Evangelist, Exterro
Analysis Paralysis? Setting the Right Goal for Your Incident AnalysisGerard Johansen, Principal Incident Handler, Fortalice Solutions
WhatsApp with Your iMessage, Dude?!Stacey Randolph, Director, DFIR, Stroz Friedberg | Christopher Vance, Manager of Curriculum Development, Magnet Forensics
Detecting malicious actors in Google WorkspaceKorstiaan Stam, Founder, Invictus Incident Response
Updates in DFIRPhilip Hagen, Faculty Fellow | Heather Mahalik, Faculty Fellow
If you'd like to check out our other upcoming Summits, you can view the latest listing here.