High Technology Crime Investigation Association
Prev MonthPrev Month Next MonthNext Month
NY Metro Chapter : Memory Day
Thursday, December 10, 2020, 1:00 PM - 4:00 PM EST
Category: Webinar

 Make 2020 a memory with Memory Day!

 

NY Metro Chapter is excited to announce Memory Day, with speakers Alissa Torres, Aaron Sparling and Jamie Levy on Dec 10, 1 - 4 PM

 

 

Aaron Sparling

Digital Forensic Examiner, Portland Police Bureau

Title: Sowe Me the Money!

Abstract: Utilizing the analysis of physical memory to drive your investigative process and quickly locate artifacts relevant to solving user investigations. This talk will illustrate techniques and a work flow that you can use to analyze RAM to rapidly locate and analyze artifacts such as; MFT, prefetch, link files, passwords, encrypted containers, registry, and so much more. Follow me as we walk through the investigation from collection to analysis and ultimately locating the evidence 

 

Alissa Torres

Threat Intelligence and Analysis Sr Manager, Cigna

Title: IR Pivots into Memory Analysis

Abstract: Most analysts are strapped for time, with too many alerts and too many dashboards to survey to find critical incident details. How and when can memory analysis help? Let’s jump into some use cases where digging into system memory can propel an investigation! We’ll pivot into memory to discern attackers’ discovery and defense evasion techniques. Next up, we’ll use what we have identified to create and test adversary detection signatures.

 

Jamie Levy 

Core Developer, Volatility Project

Title: Overcoming Obstacles in Memory Forensics

Abstract: What can you do when your favorite memory analysis tool doesn’t give you the results you need? What if your memory sample has issues arising from a bad acquisition? How can you troubleshoot and fix the issue? In this talk we’ll take a look at some of the most common issues that arise when doing memory analysis, and will come away with tips that can help overcome these problems and get you back to solving your case.

 

More details to come!

 

Upon registration, you will receive the registration to the zoom webinar. 

 


If you have any questions, please let us know.

Respectfully, Your HTCIA 2020 Chapter Board!

President, Warren Kruse
1st Vice President, Jessica Hyde
2nd Vice President, Bill Moylan
Secretary, Emmah Padilla
Treasurer, George Wade

Jamie Levy 

Core Developer, Volatility Project

Overcoming Obstacles in Memory Forensics
What can you do when your favorite memory analysis tool doesn’t give you the results you need? What if your memory sample has issues arising from a bad acquisition? How can you troubleshoot and fix the issue? In this talk we’ll take a look at some of the most common issues that arise when doing memory analysis, and will come away with tips that can help overcome these problems and get you back to solving your case.

Contact: Emmah Padilla, Secretary NY Metro HTCIA