2015 Program

 

Time Track 1 Track 2
8:00 am Registration and Breakfast
9:00 am Welcome and Conference Overview
9:10 am Autopsy: Wait, there are still more features?
speaker: Brian Carrier  (slides)
9:45 am Feasting off the Hunt
speakers: The Volatility Development Team (slides)
10:20 am Break
10:35 am Python Autopsy: A Quick Intro to Scripting Autopsy
speaker: Brian Carrier (slides)
11:10 am Autopsy Module Challenge Results
11:40 am Lunch – Live Forensics Lunch Recording with David Cowen (video)
12:40 pm Collaborative Autopsy: Enterprise Open Source Forensics
speaker: Richard Cordovano (slides)
NTFS Unstuck in Time
speakers: Jon Stewart, Zack Weger (slides)
1:15 pm Break
1:20 pm Inferring Past Activity from Partial Digital Artifacts
speaker: Jim Jones (slides)
Turbinia: Cloud-scale forensics
speakers: Cory Altheide and Johan Berggren
1:55 pm Break
2:00 pm Rapid Recognition of Blacklisted Files and Fragments on Secondary Storage Media
speakers: Michael McCarrin and Bruce Allen (slides)
FIDO: Automated Security Incident Response
speaker: Rob Fry (slides)
2:35 pm Break
2:55 pm Introducing SQUID: A tool to ‘fuzzy match’ SQLite databases; don’t miss evidence because the app updated!
speakers: Ryan Benson (slides)
Live Response Collection Overview
speakers: Brian Moran (slides)
3:30 pm Break
3:35 pm Forensic Artifact Correlation via Elastic
speakers: Matthew Seyer & David Cowen (slides)
Short Updates from Previous Speakers
4:10 pm Break
4:15 pm New generation timeline tools: A case study and Plaso Parser Workshop
speakers: Daniel White (slides)
4:50 pm Lightning Talks
5:15 pm Networking Cocktail Reception