Register now for SANS Cyber Defense Initiative 2016 and save $400.

DFIRCON 2014

Monterey, CA | Wed, Mar 5 - Mon, Mar 10, 2014

Keynote: Have no fear - DFIR is here!

  • Rob Lee, Chad Tilbury, Alissa Torres, Phil Hagen, and Lenny Zeltser
  • Wednesday, March 5th, 7:00pm - 8:30pm

In an age of darkness, at a time of evil...When the cyberworld needed heros, what it got was this team. In less time than it takes you to watch the Avengers, the DFIR hero team will take you through an end-to-end investigation starting with core steps in digital forensics, incident response, memory analysis, and RE Malware. Instructors Rob Lee (FOR408 - Digital Forensics) , Chad Tilbury (FOR508 - Incident Response) , Alissa Torres (FOR526 - Windows Memory Forensics), Phil Hagen (FOR572 - Network Forensics) and Lenny Zeltser (FOR610 - RE Malware) will step through how key skills are used to solve a single case for 20 minutes each. The tag team approach will detail how teams can be leveraged in your environment to effectively respond to incidents on a single system and the enterprise. Five forensicators, 1 million hackers- the odds are just about even.

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Lunch & Learn: Short presentations given during the lunch break.
Additional Sessions
Session Speaker Type
GIAC Program Overview Rob Lee Special Events
SANS Technology Institute Open House Rob Lee Special Events
Wednesday, March 5
Session Speaker Time Type
Welcome to SANS Rob Lee Wednesday, March 5th, 8:15am - 8:45am Special Events
DFIReception - Forensicators Unite! Wednesday, March 5th, 6:00pm - 7:00pm Reception
Keynote: Have no fear - DFIR is here! Rob Lee, Chad Tilbury, Alissa Torres, Phil Hagen, and Lenny Zeltser Wednesday, March 5th, 7:00pm - 8:30pm SANS@Night
Thursday, March 6
Session Speaker Time Type
Malware Analysis Essentials Using REMnux Lenny Zeltser Thursday, March 6th, 6:00pm - 7:00pm SANS@Night
Panic! Hysteria! No malware required! John Strand Thursday, March 6th, 7:00pm - 8:00pm SANS@Night
There's *GOLD* in them thar package management databases! Phil Hagen Thursday, March 6th, 8:00pm - 9:00pm SANS@Night
Friday, March 7
Session Speaker Time Type
Sick Anti-Forensics Mechanisms in the Wild Alissa Torres Friday, March 7th, 6:00pm - 7:00pm SANS@Night
Forensic Handling of the iPhone 5c and 5s Heather Mahalik Friday, March 7th, 7:00pm - 8:00pm SANS@Night
Standards for Cyber Threat Intelligence Greg Farnham - Master's Degree Candidate Friday, March 7th, 7:00pm - 7:40pm Special Events
A 10 Second Journey: Parsing the structure of the Windows 8 Prefetch Artifact Jared Atkinson Friday, March 7th, 8:00pm - 9:00pm SANS@Night
Saturday, March 8
Session Speaker Time Type
GIAC/STI Overview Saturday, March 8th, 12:30pm - 1:15pm Lunch and Learn
Sunday, March 9
Session Speaker Time Type
Closing the Door on Web Shells Anuj Soni Sunday, March 9th, 7:00pm - 8:00pm SANS@Night