SANS Offensive Operations West 2021 features 10+ Live Online courses, Core NetWars, and Coin-A-Palooza! Register now.


To attend this webcast, login to your SANS Account or create your Account.

Memory Forensics: Sodium Pentothal for Your Security

  • Tuesday, November 21, 2017 at 10:00 AM EDT (2017-11-21 15:00:00 UTC)
  • Jake Williams, Alissa Torres

You can now attend the webcast using your mobile device!



Today, modern malware employs sophisticated obfuscation techniques such as code injection and anti-analysis mechanisms to evade detection and throw the investigator off its trail. The truth lies in system memory, which admittedly is the present-day battleground between attackers and defenders. Examiners must have an understanding of memory management and OS internals to identify anomalies and discern the attackers' intentions. It's time to re-up your skills at hunting evil in memory. 

This webinar will show how, by examining memory, analysts can derive tell-tale signs of malware infection. Presenters, Alissa Torres and Jake Williams, will detail the newest memory forensics techniques and tear into memory images to help you find your own evil.

Speaker Bios

Alissa Torres

Alissa Torres is a SANS analyst and certified SANS instructor specializing in advanced computer forensics and incident response (IR). She has extensive experience in information security in the government, academic and corporate environments. Alissa has served as an incident handler and as a digital forensic investigator on an internal security team. She has taught at the Defense Cyber Investigations Training Academy (DCITA), delivering IR and network basics to security professionals entering the forensics community. A GIAC Certified Forensic Analyst (GCFA), Alissa holds the GCFE, GPEN, CISSP, EnCE, CFCE, MCT and CTT+ certifications.

Jake Williams

Jake Williams is a SANS analyst, senior SANS instructor, course author and designer of several NetWars challenges for use in SANS' popular, "gamified" information security training suite. Jake spent more than a decade in information security roles at several government agencies, developing specialties in offensive forensics, malware development and digital counterespionage. Jake is the founder of Rendition InfoSec, which provides penetration testing, digital forensics and incident response, expertise in cloud data exfiltration, and the tools and guidance to secure client data against sophisticated, persistent attacks on-premises and in the cloud.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.