This webinar is live only and will not be available on-demand.

It all started with a simple information disclosure. An important document leaked from a corporation and an incident response case began. However, some of findings led to another type of investigation.

During this presentation, we will cover some important incident investigation techniques, as well as digital forensic methods to analyze different types of data sources. The case is fictitious, however, the approaches used are real.

Topics to be discussed:
• Search and OCR of scanned documents to enable text indexing
• Detecting use of USB to copy a file
• Determining the user logged by a given time
• Malware detection in memory processes
• Traces left behind during remote sessions
• Automated pornography detection in pictures and videos
• Multiple video streams: importance, detection and content analysis
• Volume shadow copy snapshot analysis
• SQLite forensics
• File and data carving
• Hashset analysis and creating your own hashsets
• Triage analysis and customizing triage

This webinar will be useful to both corporate incident responders and government digital forensic examiners.

This webinar is sponsored by Belkasoft. NW3C is providing the webinar so that attendees can have more information with which to evaluate how this capability might add value to them and the organizations they serve. NW3C does not share webinar attendees’ personally identifiable information with any third party without opt-in consent given during registration.

The views and opinions expressed in this presentation are those of the individual presenters and do not represent official policy, position, opinions, or views of NW3C.

Presented by:
Yuri Gubanov, Belkasoft