5 Days Left to Save $200 on SANS Miami 2016

DFIR Summit 2014

Austin, TX | Tue, Jun 3 - Tue, Jun 10, 2014

The Great Browser Schism: How to Analyze IE10 & IE11

  • Chad Tilbury, Certified Instructor, SANS Institute & Technical Director, CrowdStrike
  • Thursday, June 5th, 5:45pm - 6:45pm

Changes to Internet Explorer have been slowly occurring since Windows 7, but the introduction of IE10 with Windows 8 and IE11 with Windows 8.1 has been nothing short of cataclysmic. Take everything you knew about Internet Explorer and file it away, because it won't help you now. This talk will cover Internet Explorer 10 & 11 artifact by artifact, giving you the tools and techniques necessary to do a full analysis. Learn to parse the ESE database, where your Index.dat files have gone, and how the introduction of Windows 8 metro apps tie Internet Explorer more deeply to the OS than ever.

Chad Tilbury has been responding to computer intrusions and conducting forensic investigations since 1998. His extensive law enforcement and international experience stems from working with a broad cross-section of Fortune 500 corporations and government agencies around the world. During service as a Special Agent with the Air Force Office of Special Investigations, he investigated and conducted computer forensics for a variety of crimes, including hacking, abduction, espionage, identity theft, and multi-million dollar fraud cases. He has led international forensic teams and conducted computer incident response at some of the largest organizations in the world. Chad is a graduate of the U.S. Air Force Academy and holds a B.S. and M.S. in Computer Science and GCFA, GREM, ENCE, and CISSP certifications. In addition to serving as faculty at the SANS Institute, he is currently a consultant specializing in incident response, corporate espionage, and computer forensics.

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Vendor: Events hosted by external vendor exhibitors.
  • Lunch & Learn: Short presentations given during the lunch break.
Tuesday, June 3
Session Speaker Time Type
Logs, Logs, Every Where / Nor Any Byte to Grok Phil Hagen, Instructor, SANS Institute Tuesday, June 3rd, 6:30pm - 7:30pm SANS@Night
Wednesday, June 4
Session Speaker Time Type
Extracting User Credentials using Memory Forensics Alissa Torres, Certified Instructor, SANS Institute Wednesday, June 4th, 5:45pm - 6:45pm SANS@Night
Sushi-grade Smartphone Forensics on a Ramen Noodle Budget Heather Mahalik, Certified Instructor, SANS Institute Wednesday, June 4th, 6:45pm - 7:45pm SANS@Night
Thursday, June 5
Session Speaker Time Type
The Great Browser Schism: How to Analyze IE10 & IE11 Chad Tilbury, Certified Instructor, SANS Institute & Technical Director, CrowdStrike Thursday, June 5th, 5:45pm - 6:45pm SANS@Night
Filesystem Journal Forensics David Cowen, Partner, G-C Partners Thursday, June 5th, 6:45pm - 7:45pm SANS@Night
Monday, June 9
Session Speaker Time Type
Vendor Showcase Monday, June 9th, 9:50am - 10:05am Vendor Event
Dealing With Persistent Smartphone Forensic Challenges Ronen Engler, Senior Manager, Technology & Innovation Monday, June 9th, 12:00pm - 1:00pm Lunch and Learn
Vendor Showcase Monday, June 9th, 3:45pm - 4:05pm Vendor Event
Tuesday, June 10
Session Speaker Time Type
Vendor Showcase Tuesday, June 10th, 10:30am - 11:00am Vendor Event
Facing The New Frontier: A Real Case Study In Performing Computer Forensics Without The Evidence Keith Jones, Lead Cybersecurity Engineer Tuesday, June 10th, 11:30am - 12:30pm Lunch and Learn
Vendor Showcase Tuesday, June 10th, 3:00pm - 3:20pm Vendor Event