Malware Forensics in Minutes

BSides MSP 2017

Presented by: Jeremiah Cruit
Date: Saturday June 24, 2017
Time: 13:30 - 14:15
Location: Track 1

If it takes you hours to get forensic data on malware instead of minutes, you need a new tool. An analysis and demonstration of current "Endpoint Detection and Response (EDR)" tools and what to look for in them, from quickly determining the root cause of an infection to understanding exactly what the scope and magnitude of the breach really is by looking at which systems were communicated with and which files were touched. And then hunting, so much fun with hunting: what it actually means and what value it can bring, other than something fun to do when nothing is on fire.
