Training Registration

Where DF Meets IR: An Incident Response Case Which Turned Out to Be a Criminal One
Tue, Jan 19, 2021 1:00pm-2:30pm Eastern
Duration: 90 Minutes

This webinar is live only and will not be available on-demand.

It all started with a simple information disclosure. An important document leaked from a corporation and an incident response case began. However, some of findings led to another type of investigation.

During this presentation, we will cover some important incident investigation techniques, as well as digital forensic methods to analyze different types of data sources. The case is fictitious, however, the approaches used are real.

Topics to be discussed:
• Search and OCR of scanned documents to enable text indexing
• Detecting use of USB to copy a file
• Determining the user logged by a given time
• Malware detection in memory processes
• Traces left behind during remote sessions
• Automated pornography detection in pictures and videos
• Multiple video streams: importance, detection and content analysis
• Volume shadow copy snapshot analysis
• SQLite forensics
• File and data carving
• Hashset analysis and creating your own hashsets
• Triage analysis and customizing triage

This webinar will be useful to both corporate incident responders and government digital forensic examiners.

This webinar is sponsored by Belkasoft. NW3C is providing the webinar so that attendees can have more information with which to evaluate how this capability might add value to them and the organizations they serve. NW3C does not share webinar attendees’ personally identifiable information with any third party without opt-in consent given during registration.

The views and opinions expressed in this presentation are those of the individual presenters and do not represent official policy, position, opinions, or views of NW3C.

Presented by:
Yuri Gubanov, Belkasoft


Affirmation of Eligibility
By checking this box, I attest that the subject of this training is related to my work and that I am employed:

(Limit 100 character max.)



NW3C Privacy Statement
Yes, I have read, understand, and agree with the NW3C privacy statement.

OPTIONAL: Check this if you agree that NW3C may share my Personally Identifiable Information.
I agree that NW3C may share my Personally Identifiable Information, including, but not limited to, my email address, with third-party vendors in connection with this NW3C product in accordance with NW3C’s privacy statement.