Webinar: Where DF meets IR: an incident response case, which turned out to be a criminal one

Due to the current situation in the world large-scale breaches are growing in intensity and frequency, for example, the number of breaches increased 273% in the first quarter of 2020, compared to the same period 2019. In 2021 the tendency remains unchanged. Lots of companies are vulnerable to cybercrimes, and insider threats are one of the greatest problems.

During this webinar we will review a fake case, in which all starts with a simple information disclosure. An important document leaks from a corporation and an incident response case begins. However, some of findings lead to another type of investigation, and that’s where ‘digital forensics’ meets ‘incident response’. We will cover some important incident investigation techniques as well as digital forensic methods to analyze different types of data sources. The case is fictitious, however the approaches used are real.

The main topics, which will be covered during this webinar include:

  • Search and OCR of scanned documents to enable text indexing
  • Detecting use of USB to copy a file
  • Determining user logged by a given time
  • Malware detection in memory processes
  • Traces left behind remote sessions
  • Automated pornography detection in pictures and videos
  • Multiple video streams: why important, detection, content analysis
  • Volume shadow copy snapshot analysis
  • SQLite forensics
  • File and data carving
  • Hashset analysis, creating your own hashsets
  • Triage analysis and customizing triage

The webinar will be useful to both corporate incident responders and government digital forensic examiners.