Sometimes you want to be able to pull forensic images off your production hosts but you want to make sure you set that up correctly because if you don’t people might steal customer financial data or cryptocurrency private keys for hot wallets or something and that would be a very bad day for you and for the cryptocurrency community. This talk introduces Dexter, a forensics tool for high security environments. Dexter makes sure that no single person can do scary forensics things, and that the scary results of the scary forensics things can only be read by people who aren’t scary. I’ll give an overview of the Coinbase production environment, data pipeline, and detection tooling to set the stage for when we might use Dexter. Then we’ll walk through how Dexter works and do a demo that will totally work and not have any technical issues whatsoever.