On August 15-16, attendees joined us in Austin, TX or tuned in Live Online for the SANS DFIR Summit for its 15th anniversary!
We invited Ashton Rodenhiser of Mind's Eye Creative to create graphic recordings of our Summit presentations. If you missed a talk or are looking to view the Summit through a visual lens, take a look at the recordings below.
In addition to graphic recordings, PDFs of Summit presentations will be made available on the SANS Summit Archives page (SANS account required) and videos will be posted to YouTube over the next several months.
*If you registered for the Summit, video recordings are available on your Summit Access page in your SANS Portal.
Keynote: DFIR Evidence Collection and Preservation for the Cloud
Josh Lemon, Certified Instructor | Megan Roddie, Course Author
Building a Pattern of Life - Leveraging Location and Health Data
Jared Barnhart, Digital Intelligence Specialist, Cellebrite | Heather Mahalik, Faculty Fellow
Missing Pieces - Tips and Tricks on how to ensure your acquisitions aren’t missing critical data
Jessica Hyde, Founder, Hexordia | Cesar Quezada, Research and Development Engineer, ArcPoint
A little bit of this, a little bit of dat
Brian Maloney, SANS Alumni
Stepping Out of the Android Malware Sandbox - Running & Analyzing Malware on a Physical Honeyphone
Joshua Hickman, Vice President, Cyber Risk Practice, Kroll
The Truth About USB Device Serial Numbers – (and the lies your tools tell)
Kevin Ripa, Certified Instructor
Establishing Connections: Illuminating Remote Access Artifacts in Windows
Fernando Tomlinson, Principal Digital Forensics and Incident Response Consultant, Mandiant
Cracking the Beacon: Automating the extraction of implant configurations
Derek Ditch, Principal Security Research Engineer, Elastic | Jessica David, Senior Security Data Engineer, Elastic
Stay ahead of the game: automate your threat hunting workflows
Towne Besel, Security Engineer, Cisco
Keynote: The Godfather of Forensics: How to Leverage Your “Year One” to Get an Offer You Cannot Refuse
Rob Lee, SANS Fellow
Hunting for Active Directory persistence
Thomas Diot, Senior Consultant | Incident response, Wavestone
Hunting threat actors using OSINT forensics
Abi Waddell, DFIR Manager and Founder of Inquirix, Inquirix
Conducting Forensic Examinations in Zero Trust Environments
Justin Tolman, Forensic Evangelist, Exterro
Analysis Paralysis? Setting the Right Goal for Your Incident Analysis
Gerard Johansen, Principal Incident Handler, Fortalice Solutions.jpg)
WhatsApp with Your iMessage, Dude?!
Stacey Randolph, Director, DFIR, Stroz Friedberg | Christopher Vance, Manager of Curriculum Development, Magnet Forensics
Detecting malicious actors in Google Workspace
Korstiaan Stam, Founder, Invictus Incident Response
Updates in DFIR
Philip Hagen, Faculty Fellow | Heather Mahalik, Faculty Fellow
If you'd like to check out our other upcoming Summits, you can view the latest listing here.
.PNG "DFIR_ICON_(1).PNG"){kind=icon}
