Distributed Forensics Across Time and Space

Johan Berggren
Google

Daniel White
Google

Workshops

This interactive workshop will introduce open source digital forensics tools that brings together the reach of GRR, the processing depth of Plaso and the analytic and collaborative capabilities of Timesketch. You’ll learn how to rapidly triage multiple hosts, track malware across an enterprise, and spin your CPU fans really quickly.

Requirements:

  • Laptop with an SSH client installed

Johan Berggren
Johan Berggren is a security engineer at Google and has more than 15 years of experience of information security, incident response and digital forensics. Between responding to incidents he develops Timesketch, the open source forensic timeline analysis tool.

Daniel White
Daniel White is a security engineer at Google and the tech lead for the Plaso project. He is focused on keeping people and data safe. He works on forensics, incident response and tool development.