This hands-on workshop is a rapid introduction to key artifacts and techniques for investigating compromised Linux systems using Linux tools. We will cover collecting and analyzing disk and memory evidence, showing you where to look and introducing tools every investigator should know.
Workshop registration is required.
Hal Pomeranz is an independent digital forensic investigator who has consulted on cases ranging from intellectual property theft to employee sabotage to organized cybercrime and malicious software infrastructures. He has worked with law enforcement agencies in the US and Europe, as well as with global corporations. Hal is a SANS Faculty Fellow and a respected author and speaker at industry gatherings worldwide.