How to forensic, how to fuck forensics and how to un-fuck cyber forensics.
Defense: WTF is a RoP, why I care and how to detect it statically from memory. Counteract "Gargoyle" attacks.
Defense: For one of DEF CON 24's more popular anti-forensics talks (see int0x80 - Anti Forensics). In memory (passive debugging) techniques that allows for covert debugging of attackers (active passive means that we will (try hard to) not use events or methods that facilities are detectable by attackers).
Offense: CloudLeech - a cloud twist to Ulf Frisk Direct Memory Attack