Phill Moore
Certified InstructorPrincipal Investigator, DFIR at CyberCX
Specialities
Digital Forensics and Incident Response
Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsDigital Forensics and Incident Response
Whether providing evidence to prosecute an offender, stopping an attacker, or saving a business, Phill says that the impact his DFIR work has on people's lives makes it all feel worthwhile. And he has extended his footprint through his research and his work as a SANS as FOR500: Windows Forensic Analysis and FOR528: Ransomware and Cyber Extortion course instructor.
Here are upcoming opportunities to train with this expert instructor.
Explore content featuring this instructor’s insights and expertise.
Windowsのログには多くの情報が記録されていますが、それに加えてフォレンジックに活用できる様々なアーティファクトから情報を読み取ることができます。この講演では、ユーザーの知らない間に、単なるメタデータとは言い切れないような情報を記録しているアーティファクトをいくつかご紹介します。この講演を聞いたあと、あなたはキャッシュを無効にしますか?キャッシュの面白さを感じてもらえたら嬉しいです。
Windows puts a lot into logs, but it puts even more into forensic artefacts you may not be aware of. This talk will explore some of the artefacts that, without the knowledge of the user, records more than just metadata. I think it's pretty cool, maybe after this talk you will do....or disable it all...or both?
Windows puts a lot into logs, but it puts even more into forensic artefacts you may not be aware of. This talk will explore some of the artefacts that, without the knowledge of the user, records more than just metadata. I think it's pretty cool, maybe after this talk you will do....or disable it all...or both?
In this engaging session, participants will have the opportunity to delve into the world of incident response alongside SANS Instructor Phill Moore. Drawing from his wealth of experience, Phill will not only address inquiries surrounding the intricacies of being an incident responder but will also enrich the discussion with insightful anecdotes and real-world scenarios.
近年、ランサムウェア攻撃は、個人や企業のみならず、重要インフラをも標的とする大きなな脅威へと進化しています。2023年はランサムウェアにとって大きな年であり、2024年もその勢いが衰えるとは考えられません。このプレゼンテーションでは、ランサムウェアの現状、攻撃時によく見られる手口やテクニック、2023年のランサムウェア攻撃への対応から得られた教訓を包括的にご紹介します。
Review relevant educational resources made with contribution from this instructor.