2017 Agenda


Time Track 1 Track 2
9:00 am Opening Remarks
9:10 am Alexa, Are You Skynet?
speakers: Brian Moran & Jessica Hyde (slides)
9:45 am Correlating Autopsy Cases
speaker: Brian Carrier (slides)
10:20 am Break
10:35 am Understanding Mac OS File System Events with FSEventParser
speaker: Nicole Ibrahim (slides)
11:10 am Autopsy Module Challenge Results
11:40 am What’s Missing in Open Source?
12:00 pm Lunch
1:00 pm The Rekall Agent – Leveraging cloud technologies for DFIR at scale
speaker: Michael Cohen (slides)
Some Cool Mac Stuff
speaker: Jon Stewart
1:35 pm Break
1:40 pm A Database for Forensics – Artifact Correlation with ArangoDB
speakers: David Cowen & Matthew Seyer (slides)
The Death (and Life) of Deleted File Contents
speaker: Jim Jones (slides)
2:15 pm Break
2:20 pm Rapid Incident Response
speaker: Asif Matadar (slides)
Triaging Media with Autopsy
speaker: Richard Cordovano (slides)
2:55 pm Break
3:10 pm Defending in the Dark: Guerrilla Tactics for Mobile Incident Response
speakers: Andrew Hoog (slides)
Plug Me in Renzik, Autopsy Plugins Now and in the Future.
speaker: Mark McKinnon (slides)
3:45 pm Break
3:50 pm How I met your browser: going incognito doesn’t hide your browsing from Ragamuffin.
speaker: Alessandro De Vito (slides)
IO – Simplistic Forensic Imaging
speaker: Andrew Ziehl (slides)
4:25 pm Break
4:30 pm FLOSS every day – automatically extracting obfuscated strings from malware
speaker: William Ballenthin (slides)
5:05 pm Lightning Talks
5:30 pm Networking Cocktail Reception