This session will present case studies from the Klein & Co. DFIR team in collaboration with Mike Cohen (former lead of Grr at Google) in the development and use of Velociraptor, an open source tool which allows for truly surgical collection and analysis of forensic evidence across networks, in a wide range of investigations ranging from theft of confidential data to complex network breaches.

Learning Objectives:
1: Learn the key concepts for forensic evidence collection and analysis across your network.
2: Understand how Velociraptor supports a wide range of investigations and operational needs.
3: Be able to download and use Velociraptor for immediate results on your company networks.

Pre-Requisites:
While no specific technical knowledge is required, participants who have some practical experience conducting digital forensic investigations and cyber-incident response will gain the most from the session.

Download pdf
Participants: