SANS OnDemand - 45+ Courses Available Today - View a Demo for an Hour of Free Content

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

Fast, Scalable Results with EZ Tools and the New Command-line poster.

  • Wednesday, March 11th, 2020 at 3:30 PM EST (19:30:00 UTC)
  • Mark Hallman
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

You can now attend the webcast using your mobile device!

Overview

With the wealth of data stored on Windows computers, it is often difficult to know where to start. This can be true whether you are faced with a single machine or an entire network of Windows computers, having a single, robust set of tools that can be used across the spectrum is a huge benefit. Consistent collection and processing of key forensics artifacts is a must in every scenario. Eric Zimmerman's EZ tools enable you to provide scriptable, scalable, and repeatable results with astonishing speed and accuracy. Go from one investigation a week to several per day. This type of performance is common with the command-line versions of EZ Tools. This webcast provides an overview of the new EZ Tools Command- line poster and how it can aid you when using the EZ Tools to speed up your investigations.

Download EZ Tools

Download Command-line Poster

Speaker Bio

Mark Hallman

Mark has been performing computer-related investigations for over 12 years. Mark lead and assisted in investigations involving identification, preservation, research, analysis, and presentation of ESI for Fortune 100 and NLJ firms across the United States as well as governmental agencies such as The Department of Justice, The Department of Labor and The Securities and Exchange Commission. Mark's certifications include GCFE, CGFA, GCHI, EnCE, and CCE.

Mark was primarily responsible for building the digital forensics and e-discovery practice of a regional firm in Dallas Texas. Responsibilities included forensics tool research and evaluation, development of ESI collection protocols, development of investigation "playbooks", training of the analyst team in the application of those tools and techniques for deployment on client projects. Mark actively lead and participated in hundreds of digital forensics and e-discovery projects. In addition to investigation and team training/development responsibilities, Mark has provided expert testimony in both state and federal courts.

Mark currently works for the SANS Institute's Research Operations Center (SROC) researching, designing, developing and testing virtual lab environments for the SANS DFIR curriculum. I look forward to helping anyone with interest in building their skills in DIFR. DFIR Rocks!

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.