DFIRCON Workshops Agenda

Community Learning Day at DFIRCON

Join us for an exclusive, in-person Community Learning Day just before DFIRCON begins, focused on enhancing your cybersecurity skills with open-source tools. This special day offers a unique opportunity to learn from industry-leading experts through interactive tutorials. These sessions will guide you through the practical applications and best practices of using these tools in cybersecurity. You'll gain actionable skills and insights directly from the authors and developers in this immersive experience.

Community Learning Day Agenda

Room 1	Room 2
8:00 AM - 10:00 AM Session: Getting Started with EZ Tools Presenter: Eric Zimmerman Description: Learn the basics of EZ Tools to quickly process Windows artifacts. This session covers exporting data to CSV and analyzing output from various tools.	8:00 AM - 10:00 AM Session: SOF-ELK Hands-on Workshop Presenter: Phil Hagen Description: Explore the SOF-ELK platform and its Elastic Stack components for digital forensic investigations.
10:00 AM - 10:15 AM Morning Break	10:00 AM - 10:15 AM Morning Break
10:15 AM - 12:15 PM Session: Mastering xLEAPP for Multi-Platform Artifact Parsing Presenter: Alexis Brignoni Description: Learn to use xLEAPP's framework to create plugins and parse artifacts from iOS, macOS, Android, Chromebooks, warranty returns, and Windows.	10:15 AM - 12:15 PM Session: Streamlining Incident Response with ARTEX Presenter: Ian Whiffin Description: Learn how use ARTEX to automate data extraction and threat prioritization, enhancing your incident response efficiency and accuracy.
12:15 PM - 1:15 PM Lunch Break	12:15 PM - 1:15 PM Lunch Break
1:15 PM - 3:15 PM Session: O365 Extractor Presenter: Korstiaan Stam Description: Learn to leverage open-source tools for zero-cost data acquisition and analysis of cloud platforms like Microsoft, AWS, and Google Workspace.	1:15 PM - 3:15 PM Session: Mastering SIFT Workstation Presenter: Rob Lee Description: A comprehensive guide to using the SANS Investigative Forensic Toolkit Workstation for digital forensics and incident response.
3:15 PM - 3:30 PM Afternoon Break	3:15 PM - 3:30 PM Afternoon Break
3:30 PM - 5:30 PM Session: OneDrive Forensics Presenter: Brian Maloney Description: Learn the essential techniques for extracting, analyzing, and managing forensic data from the OneDrive client to enhance your digital investigation skills.	3:30 PM - 5:30 PM Session: Tool Validation Presenter: Kat Hedley Description: Learn to validate your Digital Forensic tools through a hands-on tutorial, ensuring they deliver accurate results in real-world scenarios.
5:30 PM - 6:00 PM Wrap-Up Session: Closing remarks and summary of key takeaways	5:30 PM - 6:00 PM Wrap-Up Session: Closing remarks and summary of key takeaways.
6:15 PM - 7:15 PM Reception: An opportunity to network and reflect on the day's sessions and insights in a relaxed setting.

Room 1

Room 2

8:00 AM - 10:00 AM

Session: Getting Started with EZ Tools

Presenter: Eric Zimmerman

Description: Learn the basics of EZ Tools to quickly process Windows artifacts. This session covers exporting data to CSV and analyzing output from various tools.

8:00 AM - 10:00 AM

Session: SOF-ELK Hands-on Workshop

Presenter: Phil Hagen

Description: Explore the SOF-ELK platform and its Elastic Stack components for digital forensic investigations.

10:00 AM - 10:15 AM

Morning Break

10:00 AM - 10:15 AM

Morning Break

10:15 AM - 12:15 PM

Session: Mastering xLEAPP for Multi-Platform Artifact Parsing

Presenter: Alexis Brignoni

Description: Learn to use xLEAPP's framework to create plugins and parse artifacts from iOS, macOS, Android, Chromebooks, warranty returns, and Windows.

10:15 AM - 12:15 PM

Session: Streamlining Incident Response with ARTEX

Presenter: Ian Whiffin

Description: Learn how use ARTEX to automate data extraction and threat prioritization, enhancing your incident response efficiency and accuracy.

12:15 PM - 1:15 PM

Lunch Break

12:15 PM - 1:15 PM

Lunch Break

1:15 PM - 3:15 PM

Session: O365 Extractor

Presenter: Korstiaan Stam

Description: Learn to leverage open-source tools for zero-cost data acquisition and analysis of cloud platforms like Microsoft, AWS, and Google Workspace.

1:15 PM - 3:15 PM

Session: Mastering SIFT Workstation

Presenter: Rob Lee

Description: A comprehensive guide to using the SANS Investigative Forensic Toolkit Workstation for digital forensics and incident response.

3:15 PM - 3:30 PM

Afternoon Break

3:15 PM - 3:30 PM

Afternoon Break

3:30 PM - 5:30 PM

Session: OneDrive Forensics

Presenter: Brian Maloney

Description: Learn the essential techniques for extracting, analyzing, and managing forensic data from the OneDrive client to enhance your digital investigation skills.

3:30 PM - 5:30 PM

Session: Tool Validation

Presenter: Kat Hedley

Description: Learn to validate your Digital Forensic tools through a hands-on tutorial, ensuring they deliver accurate results in real-world scenarios.

5:30 PM - 6:00 PM

Wrap-Up Session: Closing remarks and summary of key takeaways

5:30 PM - 6:00 PM

Wrap-Up Session: Closing remarks and summary of key takeaways.

6:15 PM - 7:15 PM

Reception: An opportunity to network and reflect on the day's sessions and insights in a relaxed setting.