Download PDF versions of previous talks presented at Forensic Summits and events.
The Importance of Validation February 2019
We rely on many tools to do our day jobs and tell us what's going on in our systems and networks, but are they giving us the right information and how would we know whether they were or not? Validation of tools is often one of those tasks that ends up being forgotten or omitted due to lack of time or resources. Is it really important? Spoiler alert... yes! SANS_atnight_feb2019_importance_of_valid[...] Adobe Acrobat document [5.1 MB]
System Profiler - Automating the Routine Stuff October 2018
This presentation outlines a number of shortcomings in existing tools used to parse information from a disk, and demonstrates a script that uses a combination of existing tools and manual parsing to automatically produce some routinely required sections of a forensic report. DFIR_prague_2018_sysprofiler_presentatio[...] Adobe Acrobat document [2.8 MB]