Memory Analysis with Volatility
- Russ McRee
- Tuesday, June 18th, 7:15pm - 8:15pm
This discussion will cover the complete life cycle of memory acquistion and analysis for forensics and incident response, using Volatility.
Volatility has been referred to as the Python version of the Windows Internals book, given how much can be learned about Windows by reviewing how Volatility enumerates evidence. We'll conduct real-time analysis and examine Volatility's plug-in capabilities.
The Volatility project shortens the amount of time it takes to put cutting-edge research into the hands of practitioners, while encouraging and pushing the technical advancement of the digital forensics field.
Join us and learn more about this outstanding tool.
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
- Lunch & Learn: Short presentations given during the lunch break.
|General Session - Welcome to SANS||Dr. Eric Cole||Monday, June 17th, 8:15am - 8:45am||Special Events|
|Fortinet Next Generation Firewalls||Troy Brueckner, CISSP, GISP, VP of Sales and Marketing, Infogressive||Monday, June 17th, 12:30pm - 1:15pm||Lunch and Learn|
|"Security Intelligence Through Endpoint Analytics: Deriving Insight from Chaos"||Roger Andras, Sr. Solutions Consultant, Guidance||Monday, June 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Building Risk Visibility intoYour Firewall Management Process||Richard Porter, Senior Systems Engineer, FireMon||Monday, June 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Tenable, the SANS 20 Critical Security Controls and You ... the Basics and Beyond||Speaker: Jack Daniel, Technical Product Manager, Tenable Network Security||Monday, June 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Smartphone Drill-Down: OS Extraction, Decoding & Analysis||Ronen Engler, Cellebrite||Monday, June 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Connecting the Dots:Protecting Your Enterprise and Your Career||Mike Nichols, Technical Product Manager||Monday, June 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Top 20 CSC Survey Results Panel||John Pescatore||Monday, June 17th, 6:00pm - 7:00pm||Vendor Event|
|State of the Internet Panel Discussion||Moderators: Dr. Johannes Ullrich, ISC Director and Marcus Sachs, ISC Director Emeritus||Monday, June 17th, 7:15pm - 9:15pm||Keynote|
|Vendor Solutions Expo||—||Tuesday, June 18th, 12:00pm - 1:30pm||Vendor Event|
|Vendor Solutions Expo||—||Tuesday, June 18th, 5:00pm - 7:00pm||Vendor Event|
|Memory Analysis with Volatility||Russ McRee||Tuesday, June 18th, 7:15pm - 8:15pm||SANS@Night|
|Offensive Digital Forensics||Alissa Torres||Tuesday, June 18th, 7:15pm - 8:15pm||SANS@Night|
|Avoiding Cyberterrorism Threats Inside Hydraulic Power Generation Plants||Manuel Humberto Santander Palaez||Tuesday, June 18th, 8:15pm - 9:15pm||SANS@Night|
|Introducing the CompTIA CASP Exam||Eric Conrad and Seth Misenar||Tuesday, June 18th, 8:15pm - 9:15pm||SANS@Night|
|Security Analytics: What Matters in Your Chatter||Westley McDuffie||Wednesday, June 19th, 12:30pm - 1:15pm||Lunch and Learn|
|Securing the Virtual Datacenter||Chip Copper, Global Solutions Architect||Wednesday, June 19th, 12:30pm - 1:15pm||Lunch and Learn|
|Good COP, Bad COP||Speaker: Rob Mathieson, CISSP ECSA,Solutions Architect, Intel / DoDHP, Enterprise Security Products,ArcSight - TippingPoint - Fortify||Wednesday, June 19th, 12:30pm - 1:15pm||Lunch and Learn|
|Effective Defense Against Today‚s Advanced Persistent Threats||Paul Bartruff||Wednesday, June 19th, 12:30pm - 1:15pm||Lunch and Learn|
|Continuous Diagnostics & Mitigation (CDM): How to Achieve Cyber Security Readiness||Wallace Sann, CISSP-ISSEP, CIPP/G||Wednesday, June 19th, 12:30pm - 1:15pm||Lunch and Learn|
|Stop Spear-Phishing and Watering Hole Attacks - Put the User in a Bubble||Join Nick Keller and Jason Shupp of Invincea||Wednesday, June 19th, 12:30pm - 1:15pm||Lunch and Learn|
|Online Training Social Hour||—||Wednesday, June 19th, 6:00pm - 7:00pm||Special Events|
|GIAC Program Overview||Jeff Frisk||Wednesday, June 19th, 6:30pm - 7:15pm||Special Events|
|SANS Technology Institute Open House||Toby R. Gouker - Provost||Wednesday, June 19th, 7:15pm - 8:15pm||Special Events|
|Automated Analysis of Android Malware||Jim Clausing||Wednesday, June 19th, 7:15pm - 8:15pm||SANS@Night|
|Women in Technology Meet and Greet||—||Wednesday, June 19th, 7:15pm - 8:15pm||Special Events|
|Securing the Human - Phishing Launch||—||Wednesday, June 19th, 7:30pm - 8:30pm||Special Events|
|Windows Exploratory Surgery with Process Hacker||Jason Fossen||Wednesday, June 19th, 7:30pm - 9:00pm||SANS@Night|
|Fiber Channel - Your **Other** Datacenter Network||Rob VandenBrink||Wednesday, June 19th, 8:15pm - 9:15pm||SANS@Night|
|Accelerating Speed to Intelligence with ioMemory||Christian Shrauder, CTO, Fusion-io Federal||Thursday, June 20th, 12:30pm - 1:15pm||Lunch and Learn|
|Phishing your Employees: Lessons Learned from Phishing over 3.5 million People||Jim Hansen, PhishMe||Thursday, June 20th, 12:30pm - 1:15pm||Lunch and Learn|
|Emerging Technology: WildFire Enables Organizations to Detect and Prevent Advanced Persistent Threats||Alfred Lee||Thursday, June 20th, 12:30pm - 1:15pm||Lunch and Learn|
|Active Security Strategies for Destructive Malware and Advanced Persistent Threats||Brian Vosburgh, Principal Security Architect||Thursday, June 20th, 12:30pm - 1:15pm||Lunch and Learn|
|Dynamic Defenses against Dynamic Threats...ThreatSTOP takes DShield to the Next Level||Tom Byrnes||Thursday, June 20th, 12:30pm - 1:15pm||Lunch and Learn|
|Active Defense, Crime and Punishment: New Tools to Find Bad People||John Strand||Thursday, June 20th, 7:15pm - 8:15pm||SANS@Night|
|Investigating Employees: BYOD, COPE, and Online/Social Media||Ben Wright||Thursday, June 20th, 7:15pm - 8:15pm||SANS@Night|
|Evolving Threats||Paul A. Henry||Thursday, June 20th, 7:15pm - 9:15pm||SANS@Night|
|Defensive Reading: Understanding Online News||Richard Porter||Thursday, June 20th, 8:15pm - 9:15pm||SANS@Night|
|‚Big Data‚ & Security: How to Apply Advanced Analytics to Solve Mission Challenges||Kiran Rathod, Chief Technology Officer, Paragon Technology Group (Moderator)â¢ Michael Carleton, Former Chief Information Officer, Department of Health & HumanServices (HHS) and General Services Administration (GSA)â¢ Dr. Peter Aiken, President||Friday, June 21st, 12:30pm - 1:15pm||Lunch and Learn|
|Securing the Kids||Lance Spitzner||Friday, June 21st, 7:15pm - 8:15pm||SANS@Night|
|Security Outliers: Special Operations Edition||Gal Shpantzer||Friday, June 21st, 7:15pm - 8:15pm||SANS@Night|
|Securing the Human||Lance Spitzner||Friday, June 21st, 8:15pm - 9:15pm||SANS@Night|