Webcasts

SANS@MIC - Remote Forensic Investigations in the Context of COVID-19

• Monday, June 08, 2020 at 3:30 PM EDT (2020-06-08 19:30:00 UTC)
• Xavier Mertens

You can now attend the webcast using your mobile device!

  

Overview

Many of us are confined at home due to the COVID-19 pandemic. But, business as usual, many organizations are still facing security incidents (related to the virus or not). Let's imagine the following scenario: Your phone rings because a customer detected some suspicious activity on a server or a workstation. Of course, it must be investigated "as soon as possible". The server is physically located 500km away and you're stuck at home... How to handle this situation?

During this SANS@MIC webcast, I'll present and demonstrate a customizable live CD based on free tools to perform remote forensic investigations: check filesystems for indicators of compromise, take memory image, extract logs, and much more...

Speaker Bio

Xavier Mertens

Xavier Mertens is a freelance cybersecurity consultant based in Belgium. His daily job focuses on the “blue team” side to protect his customer’s assets (incident handling, forensics, log management, SIEM, security visualization, OSINT), but he likes to work on the “red team” side from time to time. Xavier is also a SANS Internet Storm Center Senior Handler (https://isc.sans.edu), security blogger (https://blog.rootshell.be) and co-organizer of the BruCON security conference (http://www.brucon.org).