DFIR Monterey 2015

Monterey, CA | Mon, Feb 23 - Sat, Feb 28, 2015

Rapid Response and Data Collection -- Triaging for The Real World

  • Rob Lee
  • Monday, February 23rd, 7:15pm - 9:15pm

With the typical hard drive now averaging one terabyte in size, the fallout from the explosion of user-created data has become an overwhelming volume of potential evidence that law-enforcement, incident responders, and corporate investigators spend countless hours examining. Imaging entire hard drives has become unrealistic for the rapid and aggressive analysis required by most investigations today. Imaging and the resulting data sizes have resulted in the biggest anchor in the DFIR profession resulting in countless of useful hours lost in trying to achieve a standard that is nearly unreasonable. New techniques to help speed up triage and acquisition are needed to solve this issue. Learn a new approach in this unique session that will change the way you think about evidence acquisition forever.

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
Monday, February 23
Session Speaker Time Type
General Session - Welcome to SANS Rob Lee Monday, February 23rd, 8:15am - 8:45am Special Events
DFIReception - Forensicators Unite! Monday, February 23rd, 6:00pm - 7:00pm Reception
Rapid Response and Data Collection -- Triaging for The Real World Rob Lee Monday, February 23rd, 7:15pm - 9:15pm Keynote
Tuesday, February 24
Session Speaker Time Type
Network Forensics: The Final Frontier (Until the Next One) Philip Hagen Tuesday, February 24th, 7:15pm - 8:15pm SANS@Night
When Macs Get Hacked Sarah Edwards Tuesday, February 24th, 8:15pm - 9:15pm SANS@Night
Wednesday, February 25
Session Speaker Time Type
Women in Technology Meet and Greet Wednesday, February 25th, 6:00pm - 7:00pm Reception
Preparing for PowerShellmageddon â Investigating Windows Command Line Activity Chad Tilbury Wednesday, February 25th, 7:15pm - 8:15pm SANS@Night
Power-up Your Malware Analysis with Forensics Anuj Soni Wednesday, February 25th, 8:15pm - 9:15pm SANS@Night
This event is over,
but there are more training opportunities.
 
Downloads
Share

SANS training is like a catalyst. It not only boosts your knowledge but also inspires you to learn more.
Tan Koon Yaw

Latest Whitepapers

Building a Home Network Configured to Collect Artifacts for Supporting Network Forensic Incident Response
By Gordon Fraser

Protect the Network from the Endpoint with the Critical Security Controls
By G. W. Ray Davidson, PhD

Breach Control: Best Practices in Health Care Application Security
By Brian Quick

Last 25 Papers »

Latest Tweets @SANSInstitute

Which information security practice are you trying to specia [...]
September 25, 2016 - 12:01 PM

Non-technical staff can learn from SANS as well - learn more [...]
September 24, 2016 - 7:50 PM

Don't miss our exceptional Bonus Sessions at #SANSSeattle! h [...]
September 24, 2016 - 7:30 PM

Contact Us

301-654-SANS(7267)
Mon-Fri 9am - 8pm EST/EDT
info@sans.org

"This has been a great way to get working knowledge that would have taken years of experience to learn."
- Josh Carlson, Nelnet

"Because of the use of real-world examples it's easier to apply what you learn."
- Danny Hill, Friedkin Companies, Inc.

"SANS always provides you what you need to become a better security professional at the right price."
- Rasik Vekaria, BP