Time: 6:30 pm - ??
Location: Aon Center 200 E. Randolph Chicago, IL 60601
Floor number: 55
Room: London A&B
If interested in joining us, please send me an email with your full first and last name to reserve a spot (and to be added to the security list) at: [masked]
About the presenter: Chad Tilbury has spent over twelve years responding to computer intrusions and conducting forensic investigations. His extensive law enforcement and international experience stems from working with a broad cross-section of Fortune 500 corporations and government agencies around the world. During service as a Special Agent with the Air Force Office of Special Investigations, he investigated and conducted computer forensics for a variety of crimes, including hacking, abduction, espionage, identity theft, and multi-million dollar fraud cases. He has led international forensic teams and conducted computer incident response at some of the largest organizations in the world. Chad is a graduate of the U.S. Air Force Academy and holds a B.S. and M.S. in Computer Science as well as GCFA, GREM, ENCE, and CISSP certifications. In addition to serving as faculty at the SANS Institute, he is currently a consultant specializing in incident response, corporate espionage, and computer forensics.
Follow him on Twitter @chadtilbury or at ForensicMethods.com
Title of presentation New School Forensics: Latest Tools and Techniques in Memory Analysis Whether you are just getting started with memory forensics, or you have been at it since the early days, the last year produced a wealth of new memory analysis capabilities. Notably, nearly all of the progress has been accomplished in free and open source tools. Learn about the latest and greatest additions to the memory forensics arsenal: - In-memory registry forensics - Building and analyzing memory object timelines - Mac and Linux memory analysis - The advantages of "live" memory analysis Regards,