Past and Upcoming Talks and Trainings
I'm often giving talks, trainings and workshops either in person or virtually throughout the year. I'll list upcoming items as they are booked.
Tradecraft Tuesday: Memory Forensics 2023
I covered some basics of Memory Forensics on Tradecraft Tuesday on October 10, 2023. You can watch the full episode online.
Black Hat USA 2022 (Aug 6-11, 2022)
Andrew Case and I will be teaching our class, Digital Forensics and Incident Response: Tactical Version, again this year. We've updated a lot of things from last year to include threats that we've seen over the past few months. This is a two (2) day class that's offered twice during the course of the trainings period of Black Hat USA. We're planning to offer it in person this year. Sign up before it sells out!
macOS Malware: Myth vs Truth
I discussed the threat landscape on the macOS side of things with Lisa Vaas on her podcast for ThreatPost.
Tradecraft Tuesday: "Mythical" macOS Malware
Annie Ballew and I discussed the rise of macOS malware in spite of the fact that users were initially misled by Apple advertising that they were completely immune. We also covered how you can investigate malware samples and protect yourself by using various tools available from places like Objective-See.
Cache-Up: January 2021
I discussed several things related to Memory Forensics and my career with Jessica Hyde.
OSDFCon 2020: Overcoming Obstacles in Memory Forensics
I gave a talk at OSDFCon on Overcoming Obstacles in Memory Forensics in order to help practitioners troubleshoot their tools and still get viable information from less-than-perfect memory samples.
Past Talks/Training Events
Here's a list of select talks and past trainings I've given over the years:
- HTCIA Memory Day (2020): Overcoming Obstacles in Memory Forensics
- Converge 2020: Advanced Threat Hunting of Volatile Artifacts
- Black Hat USA 2020: Digital Forensics and Incident Response: Tactical Version (2 day / 2 day)
- OSDFCon 2019: Advanced Memory Forensics Workshop
- Black Hat USA 2019: Windows Digital Forensics and Incident Response
- Converge 2018: Advanced Threat Hunting of Volatile Artifacts
- Black Hat USA 2018: Windows Digital Forensics and Incident Response
- OSDFCon 2017: Advanced Memory Forensics Workshop
- Black Hat USA 2017: Windows Digital Forensics and Incident Response
- OSDFCon 2016: Advanced Memory Forensics Workshop
- Black Hat USA 2016: Windows Digital Forensics and Incident Response
- HTCIA Women in Technology 2016: Stairway to DFIR: Keeping up with Volatility
- EnFuse 2016: Advanced Windows Memory Analysis for Incident Response
- Black Hat USA 2015: Windows Digital Forensics and Incident Response
- CEIC 2015: Rootkits, Exfil and APT - RAM Conquers All
- OMFW 2014: Many ways to skin a RAT- Let’s Start with the Tail: Automating Hunting Malicious Code
- NYC4SEC 2014: Thanks For the Memory: Rootkits, Exfil and APT - RAM Conquers All
- Black Hat USA 2014: Windows Digital Forensics and Incident Response
- Black Hat West Coast (Seattle) 2013: Windows Digital Forensics and Incident Response
- OMFW 2013: Every Step You Take: Profiling the System
- Black Hat USA 2013: Windows Digital Forensics and Incident Response
- NYBA 2013: This Tragic Moment: Lessons in DFIR
- OMFW 2012: Reconstructing the MBR and MFT from Memory
- Black Hat USA 2012: Windows Digital Forensics and Incident Response
- OMFW 2011: Time is On My Side