Willi Ballenthin is a consultant at FireEye who specializes in incident response and computer forensics. He can typically be found investigating intrusions at Fortune 500 companies and enjoys reverse engineering malware, developing forensic techniques, and exploring the cutting edge. Willi is the author of a number of cross-platform Python libraries including python-registry, python-evtx, and INDXParse.py.
Nicole L. Beebe
Nicole L. Beebe is an Assistant Professor in the Department of Information Systems & Cyber Security at the University of Texas at San Antonio. Dr. Beebe has over fifteen years of commercial and government experience in digital forensics. She was a computer crime investigator for the Air Force Office of Special Investigations from 1998 to 2007. She is a licensed private investigator and holds two certifications in digital forensics (EnCE and ACE). She has published digital forensics research in Journal of Digital Investigation, Decision Support Systems, and IEEE Transactions on Information Forensics and Security.
Brian leads the digital forensics team at Basis Technology, delivering services and developing custom systems. He is the author of the book File System Forensic Analysis and developer of several open source digital forensics analysis tools, including The Sleuth Kit and the Autopsy digital forensics platform. Brian has a Ph.D. in computer science from Purdue University and worked previously for @stake as a research scientist and the technical lead for their digital forensics lab. Brian is on the committees of many conferences, workshops and technical working groups, including the Annual DFRWS Conference and the Digital Investigation Journal.
Harlan Carvey is a Sr Researcher with Dell SecureWorks CTU team. He is the author of RegRipper, and the author of 7 DFIR books, with 5 editions translated into 4 foreign languages. Harlan cannot pronounce “malware” correctly.
Richard is a software engineer on the digital forensics team at Basis Technology. He is currently the development team lead for Autopsy. Prior to joining Basis Technology, Richard did software development at the Defense Cyber Crime Center (DC3). Before finding his niche in the world of digital forensics, Richard’s career included writing ballistic missile defense simulation software, writing business intelligence software, and a brief stint in the video games industry. Richard earned a Master of Science degree in Computer Science at Colorado Technical University and a Bachelor of Science Degree with a minor in Applied Mathematics at the University of Colorado.
Mari DeGrazia has over 12 years in information technology as well as a Bachelor of Science in Computer Science from Hawaii Pacific University. In addition to her degree, she has achieved the following certifications: EnCE, CHFI, CCFE, AME and MCSE.
Over the course of her career, Mari has provided services such as database design and implementation, programming, networking administration and computer forensics. Currently she works for the Verizon RISK Team as a computer forensics examiner.
In her spare time she enjoys researching forensic artifacts, which includes writing and releasing open source tools.
Simson L. Garfinkel is an Associate Professor at the Naval Postgraduate School. Based in Arlington VA, Garfinkel’s research interests include digital forensics, usable security, data fusion, information policy and terrorism. He holds seven US patents for his computer-related research and has published dozens of research articles on security and digital forensics. He is an ACM Fellow and an IEEE Senior Member, as well as a member of the National Association of Science Writers.
Hongyi Hu is a researcher in the Cyber System Assessments Group at MIT Lincoln Laboratory. His work focuses on mobile authentication systems, low level hardware instrumentation and analysis. His research interests also include cyberpolicy, privacy, security economics, psychology, and intellectual property.
Dr. Vico Marziale
Dr. Vico Marziale, Managing Partner at 504ENSICS Labs in New Orleans, has a PhD in Computer Science from the University of New Orleans. His day-to-day includes work all over the computer security space: penetration testing, digital forensic investigation, malware analysis and incident response. What he actually enjoys doing, though, is research and development for new tools and techniques supporting all of those other activities. He is co-developer of the Scalpel file carver, Registry Decoder for Windows registry forensics and Spotlight Inspector for analysis of OSX Spotlight metadata indexes. He has published and/or presented and/or demo’ed all over including DFRWS, OSDF, BlackHat, multiple Security BSides, DOD Cybercrime, and RSA. Vico is also one of the organizers of Security BSides NOLA.
Jonathan is a UI-focused software engineer on the digital forensics team at Basis Technology. Prior to joining Basis Technology, Jonathan was a software developer at the MIT Humans and Automation Lab and a musically inspired 3D animator for SoundSpectrum and Harmonix Music Systems. Jonathan holds a BS in Computer Science and Digital Art from Northeastern University.
Ann Priestman is a software engineer on the digital forensics team at Basis Technology, where she works on mobile forensics and cyber security modules for Autopsy. Prior to joining Basis Technology, Ann worked as a cryptanalyst and programmer for the Department of Defense. She received her BS in Computer Science and Mathematics from the University of Maryland, Baltimore County.
As the Lord Commander of Security Research at Narf Industries, Ben Schmidt relentlessly penetrates complex systems. Since 2012, Ben has been a core member of “Samurai”, competing in (and winning) many world-wide CTF competitions. He is a passionate practitioner of memory corruption, a strong believer in the awesome power of “strings”, and a leading expert in the field of completely epic pwnage. Ben has an MS in Computer Science from the University of Tulsa, and is not a CISSP.
Chad Spensky is a member of the Cyber System Assessments Group at MIT Lincoln Laboratory. His current research interests include: authentication protocols, malware analysis, cyber-physical security, novel introspection techniques, and smart card security.
Antonio Cesar Vargas
Antonio Cesar Vargas is a new graduate from John Jay College of Criminal Justice under the Digital Forensic and Cybersecurity Master's program. Cesar holds a Bachelor of Science degree in Computer Science from Queens College. He provides consulting services related to PCI-DSS compliance, and in his spare time he does malware research, especially on malware that targets the Android operating system.
The Volatility Development Team
The authors of this presentation are the core developers of The Volatility Framework (@volatility) and the authors of the highly anticipated book, The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory. These are the same analysts who have spent the past decade using memory analysis on a daily basis to augment digital investigations, malware analysis, and reverse engineering. This team actively maintains and supports the Volatility software and its thriving community. This team also offers the authoritative training in memory and malware analysis, which has been taught for numerous commercial and government organizations around the world. They have presented at a variety of industry-leading conferences that include RSA, Blackhat, Defcon, DoD Cyber Crime Conference, DFRWS, American Academy of Forensic Sciences, and Europol’s High Tech Crime Expert Meeting.