Event

National Cyber Crime Conference

April 26 - 30, 2021 •  Online, Worldwide

This year at NCCC, hear Brian Carrier, Basis Technology’s CTO, speak about two different topics – Autopsy and automating investigations…

Title: Autopsy 2021: What’s New in Open Source Forensics

Speaker: Brian Carrier

Abstract: Autopsy is a free, open source tool that is constantly evolving and improving.  Come attend this talk to learn about what has changed in the past year (or so). You’ll learn about our themes around collecting more artifacts to give you a complete picture, but also how we are focused on showing you only the most relevant ones.  We’ll talk about more iOS and Android artifacts, drones, maps, web domain categorization, Solr clouds, and much more.

Title: Automating Intrusion Investigations for Speed and Comprehensiveness

Speaker: Brian Carrier

Abstract: Intrusion investigations are complicated.  You have an adversary who is trying to blend in and avoid detection. There are so many places to look at for evidence and they are constantly changing.  Automation is critical to quickly performing the investigation and ensuring it is complete.  In this talk, we will cover how you can automate an intrusion investigation and where a human investigator still plays a key role. We’ll talk about the importance of prioritizing what artifacts to look at and pulling on all threads of the investigation.

To show the automation concepts, we’ll show an example of how Cyber Triage strives to simplify the process.  We’ll also briefly talk about our Divide and Conquer DFIR process, which is a systematic way to approach intrusion investigations. There is a free, 3-hour course and we’ll talk about some of the basic concepts.

National Cyber Crime Conference