High Technology Crime Investigation Association
Prev MonthPrev Month Next MonthNext Month
2020 HTCIA Silicon Valley 3-Day Training - POSTPONED
Aruba Networks
3333 Scott Blvd
Santa Clara, CA 95054
Tuesday, May 12, 2020, 8:30 AM to Thursday, May 14, 2020, 5:30 PM EDT
Category: Chapter Meeting


Join HTCIA Silicon Valley for our annual three-day hybrid training event! Due to COVID-19 restrictions, this training will be carried out virtually via Zoom.  Registrants will be provided with information in advance to prepare for this live online training event.  It will be POST certified.  Registration fees have been reduced and scholarships are available upon request for those who have no budget for training.

Confirmed Speakers/Topics

Andrew Lewman – Building a Raspberry Pi Darknet Workstation for Investigations (4 hours)

The objective of this course is to provide students with a working knowledge of darknets, their underlying protocols, and practical forensics of darknet technologies both on the wire and on devices.  NOTE:  Since this training is being carried out virtually rather than in person, each person who would like the full experience of building their own raspberry pi network should acquire a raspberry kit which you will have for conducting your own investigations moving forward.  This kit will need to connect to an HDMI monitor or TV, and you will need a keyboard as well.  https://www.canakit.com/official-raspberry-pi-4-desktop-kit.html

Marcela Denniston – Think Like the Wolf, A Beginners Guide to Cyber Hunting (4 hours)

Understanding how cyber adversaries operate is not always a trivial task, but it is critical when development a threat hunting process for your organizations.  This course will help students understand how to use the cyber kill chain to understand threats and how to apply the Diamond Model to hunt for adversaries affecting your organizations.

Kirby Plessas – OSINT (4 hours)

From operational security to greater investigative efficiency, Open Source Intelligence (OSINT) methodology represents a skillset and way of thinking that radically changes many investigators' understanding of how to use the internet for investigation and enforcement.  An investigator should be able to accurately identify the risks of an online investigation and appropriately apply tools to mitigate these risk.  An investigator's choice, institutional policy and the very infrastructure of the Internet all shape digital identifiers left behind by every user.  Knowing these identifiers and exploring techniques to view websites with anonymity is a good start to security an internet investigation.  In addition to OPSEC principles, this fast-paced workshop will survey a broad variety of OSINT tools and techniques.

Laura Chappell – Network Forensics with Wireshark (4 hours)

This course will consist of four sections focusing on Wireshark skills and techniques to identify network anomalies, reconnaissance processes, denial of service attacks, privileged requests, and more.  This is an essential course set for network analysts responsible for securing networks by analyzing traffic patterns.

Keith Lockhart, Oxygen Networks - Mobile Device Investigations (2 hours)

Mobile device investigations can be just as complex as computer investigations as the players and concers are the same despite the perception of less data equals less work.  Good old-fashioned investigative work still applies, but today the investigator and the technology should be helping each work together to answer the age-old questions ... who, what, when, where, why and how ... This presentation will explore the methods of organizing the chaos of mobile communications inside the Oxygen Forensic Detective technology.

Derrick Donnelly, BlackBag - Catalina:  A Voyage Through Apple's Artifacts (2 hours)

This course will review changes to Mac OS X Catalina (10.15) and how the changes can affect the investigations of Macintosh computers.  The class is geared towards investigators who perform digital forensic analysis of computers or are involved in the seizure of digital devices or media.  An update will also be provided to explain the changes investigators need to know to prepare for Apple Search Warrant orders.  Hear from the Apple experts how Catalina's new organization of system versus user files may change ivnestigative techniques.  And more...

Det. Tony Moore, Los Angeles County Sheriff's Department -  Advanced Crypto Concepts - Transaction Tracing and Cryptocurrency Seizures

This course is designed to provide law enforcement personnel with a course of instruction, expanding on the basic concepts of cryptocurrencies.  Through this detailed course of instruction, each student will learn the origins of Bitcoin, the basics of addresses, transactions, hardware wallet functionality and how to effectively follow and seize the money.  Students will also learn about the different alternative currencies designed to offer more anonymity often referred to as "Privacy Coins"; understanding the Lightning Network; and implementation of obfuscation concepts like Minblewimble and what it means for investigations.  This course is the only course to offer hands-on lab exercises in a LIVE Bitcoin learning lab environment, giving students the opportunity to transact with Bitcoin.

Brett Millar, Fitbit - Data Analytics in Support of Law Enforcement and Internal Investigation

In addition to outlining the history and importance of law enforcement and industry partnerships, the course will highlight law enforcement requests at Fitbit, how Fitbit data is captured and stored.  Also covered will be the legal process required to acquire that stored data, with examples of cases where Fitbit data has been utilized to solve casaes.

Jim and Chris Cook, Premier Cellular Mapping and Analytics - Cellular Phones & Digital Evidence, the New DNA (4 hours)

Attendees will learn the value of cellular phone and digital evidence and how to maximize the evidence they can obtain when they are investigating and prosecuting cases.

DDA Erin West, Santa Clara County - Legal Updates (2 hours)


Contact: [email protected]