BelkaDay Conference

October 21-22, 2024

This event is over. The recording is coming soon!

At the BelkaDay Conference, we bring together industry leaders, digital forensic investigators, incident responders, law enforcement professionals, and technology enthusiasts from around the world to share knowledge, exchange ideas, and collaborate on advancing the field of digital forensics and incident response.

What to Expect

Insightful presentations
Guidelines and tips from experienced practitioners

Belkasoft presentations

Staying Ahead: Belkasoft's Solutions for Today's Digital Forensics

Yuri Gubanov

Belkasoft CEO

AI in Forensics: How BelkaGPT is Transforming Digital Investigations

Yuri Gubanov

Belkasoft CEO

Mobile Forensics in the Era of Advanced Security: What Examiners Need to Know

Belkasoft Knowledge Team

Overcoming Distance: The Power of Remote Acquisition with Belkasoft R

Belkasoft Knowledge Team

Guest speakers and presentations

In-Depth Scrutiny of SEGB Files for Pattern of Life Data

Alexis Brignoni

A special agent of a Federal Law Enforcement agency, Florida.
SANS digital forensics examiner

Traces of Application Execution on Android and iOS

Mattia Epifani

CEO and digital forensics analyst at Reality Net System Solutions, SANS certified instructor, contract professor at UNIGE

The Expert Witness—Walking the High Wire in Criminal and Civil Courts

Jan Collie

Digital forensic specialist and managing director at Discovery Forensics Ltd., expert witness

Recovering Encrypted Evidence with Passware

Toni Pärn

Director of sales at Passware, an expert in encrypted electronic evidence discovery and decryption

Android Application Forensics: Obfuscation, Obfuscation Detection, De-obfuscation, and How They Affect Investigations

Rhythm Kr Dasgupta

Digital forensic & incident response manager at Bandhan Bank

Digital Evidence: Lawyers, Judges, Prosecutors & Juries. What Could Possibly Go Wrong?

Basil (Vassilios) Manoussos

Manager of the Cyber Academy at Edinburgh Napier University, forensic scientist, expert witness in digital evidence

Time and Place in Digital Forensic Science

Matthew Sorell

Director and chief technology officer at Digital Forensic Sciences Australia Pty Ltd

Advanced Incident Response and Forensic Strategies for Detecting and Responding to Unknown Malware and Zero-Day Attacks

Vedant Narayan

DFIR scientist at Cert-In

Video Evidence: Challenges and Opportunities, Old and New

Marco Fontani

Forensics director at Amped Software

About Belkasoft

Belkasoft is a global leader in digital forensics and cyber incident response software development.

Belkasoft products help customers in over 130 countries to solve digital forensic cases, respond to cyber incidents, conduct eDiscovery investigations, and protect precious business assets from cyber threats.

With Belkasoft, your digital investigations become easier, faster and more effective.

Testimonials from the previous BelkaDay Conference

“Belkasoft and Yuri Gubanov are really doubling down on free resources for forensics professionals. Many tool-sponsored conferences are only showcases of what a piece of software can do. Not so with hashtag #Belkaday2024 most of the presentations highlighted important developments and insights into the DFIR industry as a whole. A very worthwhile experience.”

JB Brooks, Cyber Crimes Lab Director, United States

“Thank you to everyone at Belkasoft. You all truly contribute to the protection of the innocent. I cannot wait to attend next year!”

Avinash Perera, Team Lead, Security and Intelligence, United States

“With the end of the conference, I can definitely say that it has been a worthwhile experience. In spite of being only two days, I feel like I've gained an enormous amount of knowledge.”

Eduard-Cristian Sirbu-Boeti, student, Romania

“Thank you Belkasoft for this opportunity and the great event.”

Mohammad Snono, Senior Information Security Consultant, Saudi Arabia

“Thanks for coordinating this event. The talks have been interesting and insightful so far.”

Matthew Plascencia, DFIR Research Team Lead, United States

Program

The time slots listed below are in UTC+7

Staying Ahead: Belkasoft’s Solutions for Today's Digital Forensics

14:00 - 15:00

In today's fast-paced technological environment, digital forensics professionals face increasingly complex challenges—from encrypted communication and ever-evolving data storage formats to sophisticated cybercrime tactics. This presentation explores how Belkasoft, a leader in digital forensics and cyber incident response software, tackles these obstacles with innovative solutions, helping investigators stay ahead of the curve in the rapidly changing digital world.

Yuri Gubanov
Belkasoft CEO

Traces of application execution on Android and iOS

15:00 - 15:30

Live only, no recording for this session.

In mobile forensics, application data often reveals the most crucial details. But how can you identify which applications were in use? This lecture will guide you through building an investigation process to uncover details about application usage in two situations: when the application is still on the device and when it has been removed.

Mattia Epifani
CEO and digital forensics analyst at Reality Net System Solutions, SANS certified instructor, contract professor at UNIGE

AI in Forensics: How BelkaGPT is Transforming Digital Investigations

15:30 - 16:00

Will artificial intelligence (AI) reshape how DFIR professionals conduct investigations? This presentation explores the evolving role of AI in digital forensics, highlighting its benefits and challenges. It demonstrates how AI's adaptability, speed, and emotional resilience enhance forensic investigations, with a focus on specific applications like BelkaGPT, an AI-driven assistant for digital forensics based on a large language model (LLM).

Yuri Gubanov
Belkasoft CEO

Recovering Encrypted Evidence with Passware

16:00 - 16:30

Encrypted data can be a showstopper for a digital forensics investigation—unless you have the instruments to break it. This session, presented by Passware, a leader in encrypted evidence discovery and decryption solutions, will discuss the latest features designed to help investigators access encrypted data from mobile and computer devices, providing examples of successful decryption techniques.

Toni Pärn
Director of Sales at Passware and speaker at DFIR conferences. An expert in encrypted electronic evidence discovery and decryption

Mobile Forensics in the Era of Advanced Security: What Examiners Need to Know

16:30 - 17:30

Modern smartphones are like miniature black boxes, continuously recording their owners' contacts, calls, plans, conversations, interests, thoughts, movements, and more. Given the sensitivity of this data, device manufacturers and application developers implement extensive security measures to protect it, both at rest and in transit, providing no backdoor access to law enforcement. So, how can you extract this critical data for digital forensics investigations?

This presentation explores the advanced security mechanisms used in mobile devices and applications. It provides an overview of the methods available to bypass these protections when legitimate access is required and looks into the advanced mobile data acquisition and extraction techniques offered by Belkasoft X.

Belkasoft Knowledge Team

The Expert Witness: Walking the High Wire in Criminal and Civil Courts

17:30 - 18:00

Most digital forensic examiners, especially those dealing with criminal matters, will be called to give evidence at some point in their career. In this talk, Jan Collie who has acted as an expert witness for more than 18 years discusses the challenges forensic examiners may face when providing expert testimony. Her talk looks at the everyday experience of the expert witness, exploring the tangled web which is obtaining the right evidence, interpreting the evidence, dealing with legal teams, sticking to the rules and giving evidence in a variety of criminal and civil courts while attempting, at all points, to avoid judicial criticism and potential negligence proceedings.

Jan Collie
Digital Forensic Specialist and Managing Director at Discovery Forensics Ltd., Expert Witness

Video Evidence: Challenges and Opportunities, Old and New

18:00 - 18:30

In many investigations, video evidence serves as a precise and reliable "eye witness" to events. However, it is not always the easiest data source to work with. This presentation discusses the old and new challenges and opportunities that video evidence brings to digital investigations. It highlights statistics showcasing the impact of video evidence in modern investigations and provides an overview of key complexities, from footage acquisition to conversion, analysis, interpretation, and presentation. Lastly, it explores the influence of AI technologies on the field, addressing the challenges and possibilities they introduce.

Marco Fontani
Forensics Director at Amped Software

Overcoming Distance: The Power of Remote Acquisition with Belkasoft R

14:00 - 14:30

Organizations spread across different locations, whether corporate or government, often need to collect data from remote devices during digital forensics and cyber incident investigations. This presentation will show how Belkasoft R makes this task easier. With its powerful tools, you can quickly and securely gather data from hard drives, memory, and mobile devices—even when the devices are far away. We will cover the key features and explain why Belkasoft R is the perfect solution for remote data collection.

Belkasoft Knowledge Team

Android application forensics: An examination of methods for obfuscation, obfuscation detection, and de-obfuscation, as well as how they affect investigations

14:30 - 15:00

Obfuscation techniques in the Android ecosystem are used both by application developers for code optimization and protection and by bad actors to evade malware detection. This presentation covers methods for detecting obfuscation and techniques for de-obfuscation, offering an overview of current research and tools, along with practical strategies for overcoming these challenges in digital forensics.

Rhythm Kr Dasgupta
Digital forensic & incident response manager at Bandhan Bank

Digital Evidence: Lawyers, Judges, Prosecutors & Juries. What could possibly go wrong?

15:00 - 16:00

Police investigators and expert witnesses are trained professionals dealing with digital evidence. But what happens when the evidence is in the hands of lawyers, prosecutors, judges and juries? What happens when people that are hardly exposed to the digital artifacts and evidence, are called to make important judgement calls?

In this presentation, Basil will talk about issues with digital evidence in prosecutions and will invite you to be part of the jury in a brief mock trial!

Basil (Vassilios) Manoussos
Manager of the Cyber Academy at Edinburgh Napier University, forensic scientist, expert witness in digital evidence

Time and Place in Digital Forensic Science

16:00 - 16:30

Everywhere you go, digital traces are left behind. Mobile devices, wearables, and sensors capture a lot of people's daily activities. However, when it comes to using these devices to gather a comprehensive view on locations and timelines for investigations, the task is far from straightforward.

This presentation introduces an innovative map visualization technique developed by Digital Forensic Sciences Australia, which employs a unique approach to interpret sparse time-location data. It explains how this method, already operational in missing persons investigations in Australia, helps narrow down the geographical focus of investigations. You will see the current capabilities of the prototype tool and explore the examples of its practical use cases.

Matthew Sorell
Director and Chief Technology Officer at Digital Forensic Sciences Australia Pty Ltd

Advanced Incident Response and Forensic Strategies for Detecting and Responding to Unknown Malware and Zero-Day Attacks

16:30 - 17:00

This session will explore some of the techniques that unknown malware and zero-day attacks use to stay off the radar and evade detection. It will discuss the limitations of existing off-the-shelf tools, such as antivirus software and signature-based detection systems, which often fail to identify the signs of compromise associated with these advanced threats.

You will learn about key memory, disk, and network forensic artifacts that are crucial for identifying these threats. The session will also highlight how combining human intelligence with existing forensic tools can help detect such attacks. To illustrate these concepts, we will walk through a real-world example that demonstrates the detection and analysis process.

Vedant Narayan
Scientist at Cert-In

In-depth scrutiny of SEGB files for pattern of life data

17:00 - 18:00

iOS and macOS devices track many of their users' actions for internal purposes, storing this data in system files. When acquired for investigations, this data allows digital forensic examiners to reconstruct a detailed picture of users' interactions with their iOS devices and applications. In earlier iOS versions, the knowledgeC database, and more recently SEGB files, are key system artifacts for putting together this valuable "pattern of life" data.

This session provides practical examples of how knowledgeC and SEGB files are used in digital investigations. It also demonstrates how forensic tools like Belkasoft X help effectively parse and validate this data, enhancing the accuracy and depth of forensic analysis.

Alexis Brignoni
A special agent of a Federal Law Enforcement agency, Florida. SANS digital forensics examiner