Getting started in DFIR: Testing 1,2,3 - SANS@Mic

  • Wednesday, 17 Feb 2021 1:00PM AEDT (17 Feb 2021 02:00 UTC)
  • Speaker: Phill Moore

Getting started in digital forensics has never been easier. There's a myriad of ways into the field, but'those that set themselves apart supplement training with personal research. One could even say that it's hard to just do one without the other. Seeing how your actions appear in the data will allow you to have a more complete understanding of what's going on under the hood. In this session, we will look at some easy (and free!) methods of testing forensic artifacts to understand how they work, and how to identify potential activity that created them.