This week is a case study that demonstrates how fundamental DFIR triage methods can detect advanced attacks. Examiners, especially newer examiners, should find confidence in the fact that standard triage techniques have such a powerful impact on security investigations.
This week Nato Riley from Blumira pays a visit to talk about the top threats to cloud computing.
This week we continue with the Windows fast triage series and talk about lateral movement evidence that may be found in admin shares event records. Four different types of logs are covered, each containing different information for triage purposes.
This week SUMURI's Steve Whalen (a.k.a. 'MacBoy') and Dave Melvin talk about the latest in Mac training and certification. Learn the advantages of vendor neutral training and how to prioritize it in your own training regiment.