Bringing DevOps to DFIR
This webcast will discuss the benefits of bringing a DevOps mindset to DFIR and detail how to automate the evidence processing phase of a \typical" enterprise DFIR investigation using the Jenkins Continuous Integration server atop the SIFT workstation. Barry will discusses the library of Jenkins jobs that have been built up to encapsulate the Six Step process from SANS FOR508 - Advanced Digital Forensics and Incident Response, as well as the advantages of using the ELK (Elasticsearch, Logstash, Kibana) stack for timeline visualization. Finally he will detail Forensicator FATE, the lightweight DFIR case manager that abstracts away the complexity of Jenkins, allowing the forensicator's time to be spent analyzing, versus processing, the evidence.
Hear more from Barry at the DFIR Summit & Training in Austin, July 7-8th.
Why should you attend?
- DFIR-Focused Training - Seven DFIR courses with top-rated industry expert instructors.
- FOR408, FOR508, FOR526, FOR572, FOR610, SEC504 and the NEW FOR578
- Summit Talks - Two days of trending talks with over 30 expert DFIR speakers.
- DFIR NetWars - Two nights of hands-on, interactive learning enabling you to develop and master the skills needed to excel. Free when you register for a class!
- Networking - Opportunities for real discussions with the best leaders in the community.
Register Today to learn what the experts know and get the training and knowledge you need to advance your DFIR career.
