(This is Part 3 of a 3-part series on the all-new and enhanced digital forensics labs and lectures at CEIC 2015.)
The first post in this series talked about how we're expanding on the core competency of the EnCase community who converge on CEIC each year. The second post drilled down into the plethora and diversity of digital artifacts and showcased sessions designed to address these exploding challenges. In this final post, we present the marquee of acclaimed industry experts who will be on hand to teach new technologies and tools and share hard-earned insight from decades of experience in digital investigations.
Digital Forensic Notables and Top-flight Instructors On Tap at CEIC 2015
- Posted by: Siemens
- On: 5/12/2015
- No comments
- Categories: Berla Corporation , CEIC , Magnet Forensics , Paraben , Passware , SANS
Learn to Expand on the Value of EnCase at CEIC 2015 with EnScripts and Third-Party Apps
This year at CEIC®, we’re committing more training and trainer resources than ever before to help you boost the benefits of EnCase® in your company’s deployment.
Our goal is to show you the brawn behind power EnCase users and apps, and by learning more about the EnScript® language, help you get to that same level.
With an expanded conference track called EnCase Apps and Integrations, we’ve added 12 sessions that will showcase some of the most dynamic apps developed by EnCase forensic investigators that are easy for you to integrate. We’re also boosting the App World booth hosted by EnScript gurus from Guidance Software and developers from the EnCase community, so you’ve got more experts close at hand during all hours of the conference day.
Our goal is to show you the brawn behind power EnCase users and apps, and by learning more about the EnScript® language, help you get to that same level.
With an expanded conference track called EnCase Apps and Integrations, we’ve added 12 sessions that will showcase some of the most dynamic apps developed by EnCase forensic investigators that are easy for you to integrate. We’re also boosting the App World booth hosted by EnScript gurus from Guidance Software and developers from the EnCase community, so you’ve got more experts close at hand during all hours of the conference day.
- Posted by: Siemens
- On: 5/07/2015
- No comments
- Categories: Belkasoft Evidence Center , CEIC , EnCase App Central , IEF , Python , ThreatGRID , WetStone
The Good, the Bad, and the Diverse: Gain More Visibility into the Growing Diversity of Devices, OS’s and Artifacts
(This is Part 2 of a 3-part series on the all-new and enhanced digital forensics labs and lectures at CEIC® 2015. Read Part 1 here.)
One of the biggest challenges for investigators today is not only the number of devices or the amount of data (the average hard drive has just crossed the 1TB threshold), but the number and diversity of applications and artifacts that are on a system.
Frankly, we feel your pain. We know there’s no single tool that investigators can rely on to support all applications, browsers, and file systems. We get it when practitioners tell us they require a larger toolbox and deeper skill set to support the overwhelming challenges in digital investigations.
Guidance Software uses CEIC to bring together all of the speakers with their tools and apps that integrate with EnCase and provide you with better visibility into systems, applications and artifacts.
There are four tracks that focus on digital investigations:
We want to remind you that the hands-on labs fill up fast, as 70 percent of attendees say that labs are the number one reason they attend CEIC. So, click here to register now.
You can view the agenda here to read session descriptions and speaker bios on the 44 lab, lecture, and panel sessions that focus on digital forensics. You can also get a sneak preview on a few of the hands-on lab topics that are sure to warrant a packed room, such as the ones we've highlighted here below.
David Cowen and Matthew Seyer of G-C Partners, LLC, will outline the three major file systems in use today that utilize journaling (NTFS, EXT3/4, HFS+) and explain what is stored and its impact on your investigations. You will learn:
If it wasn’t obvious before this blog, now it should be loud and clear: this year’s sessions on digital forensics pull no punches when it comes to providing more visibility to the good, the bad, and the sometimes very ugly and diverse applications and artifacts you face every day.
Stay tuned for Part 3 of this blog topic on digital forensics, where we’ll shed light on the caliber of speakers we’re bringing in to teach these sessions mentioned here. We're confident that these are experts whom you know and trust.
In the meantime, be sure to visit the CEIC website for information on the current event agenda, registration information, sponsor and exhibitor opportunities, and to register now. Also, be sure to follow us on Facebook, Twitter, and LinkedIn for the latest CEIC buzz and conversation.
One of the biggest challenges for investigators today is not only the number of devices or the amount of data (the average hard drive has just crossed the 1TB threshold), but the number and diversity of applications and artifacts that are on a system.
Frankly, we feel your pain. We know there’s no single tool that investigators can rely on to support all applications, browsers, and file systems. We get it when practitioners tell us they require a larger toolbox and deeper skill set to support the overwhelming challenges in digital investigations.
Guidance Software uses CEIC to bring together all of the speakers with their tools and apps that integrate with EnCase and provide you with better visibility into systems, applications and artifacts.
There are four tracks that focus on digital investigations:
- Digital Forensics Labs
- Advanced Digital Forensics Labs
- Topics in Digital Forensics
- Mobile Devices and Cloud Investigations
You can view the agenda here to read session descriptions and speaker bios on the 44 lab, lecture, and panel sessions that focus on digital forensics. You can also get a sneak preview on a few of the hands-on lab topics that are sure to warrant a packed room, such as the ones we've highlighted here below.
Digital Forensics Session Highlight: File System Journaling Forensics
David Cowen and Matthew Seyer of G-C Partners, LLC, will outline the three major file systems in use today that utilize journaling (NTFS, EXT3/4, HFS+) and explain what is stored and its impact on your investigations. You will learn:- What data is stored by your file systems?
- How to gather the data using EnCase.
- How to use a free parser to understand the data.
Digital Forensics Session Highlight: Vehicle Systems Forensics
Ben LeMere, CEO of Berla Corporation, is back by popular demand this year. We know students of vehicle forensics will be glad to hear that you'll be able to get your hands on the data stored in several different infotainment and telematics systems in his practical, hands-on lab session. Vehicle Infotainment and Telematics systems store a vast amount of data such as recent destinations, favorite locations, call logs, contact lists, SMS messages, emails, pictures, videos, social media feeds, and the navigation history of everywhere the vehicle has been. This information is not easily retrievable and is typically stored in several different systems within a vehicle not traditionally associated with event data. This is cutting-edge technology that is quickly becoming more pervasive in the field of investigations.Digital Forensics Session Highlight: Windows ShellBag Forensics in Depth
Vincent Lo, Digital Forensics and Incident Response Investigator, knows that ShellBag behavior is a challenging task for “forensicators.” The problem of identifying when and which folders a user accessed arises often and investigators attempt to search for them in the ShellBag information because it may contain registry keys indicating which folders the user accessed previously. Their timestamps may demonstrate when they were accessed. Nevertheless, a lot of activities can create/update the timestamps. That’s why you won’t want to miss this hands-on lab, where you’ll understand the details of ShellBag information, review various activities across Windows operating systems and learn how to interpret it correctly.If it wasn’t obvious before this blog, now it should be loud and clear: this year’s sessions on digital forensics pull no punches when it comes to providing more visibility to the good, the bad, and the sometimes very ugly and diverse applications and artifacts you face every day.
Stay tuned for Part 3 of this blog topic on digital forensics, where we’ll shed light on the caliber of speakers we’re bringing in to teach these sessions mentioned here. We're confident that these are experts whom you know and trust.
In the meantime, be sure to visit the CEIC website for information on the current event agenda, registration information, sponsor and exhibitor opportunities, and to register now. Also, be sure to follow us on Facebook, Twitter, and LinkedIn for the latest CEIC buzz and conversation.
Ask the Expert: Yuri Gubanov, CEO of Belkasoft
In our recent webinar with Yuri and Oleg from Belkasoft, we had quite a few interesting questions and even more interesting answers. They presented three case studies that leveraged EnCase Forensic and Belkasoft digital forensics tools to uncover critical evidence. You can watch the on-demand webinar here.
Q: Guys, you mentioned analysis of Live RAM dump created by Belkasoft tool. We use winen.exe tool by Guidance Software. Will you work with dumps created by this tool?
Q: Guys, you mentioned analysis of Live RAM dump created by Belkasoft tool. We use winen.exe tool by Guidance Software. Will you work with dumps created by this tool?
- Posted by: Siemens
- On: 4/21/2015
- No comments
- Categories: Belkasoft Evidence Center , Social Media Artifacts
CEIC Sessions on Digital Forensics Deliver on the EnCase Community's Core Competency
(This is part 1 of a three-part series on the all-new, enhanced digital forensics labs and lectures at CEIC 2015.)
Our conversations at CEIC usually dwell on how best to uncover data that will provide evidence to prove a wrongdoing. Today that data and those artifacts are found amongst hundreds of thousands of files on a target system. Only through tens of thousands of investigations by the EnCase community over 18 years and through the application of your hard-won expertise are we able to design a curriculum that serves your most vital needs.
Our conversations at CEIC usually dwell on how best to uncover data that will provide evidence to prove a wrongdoing. Today that data and those artifacts are found amongst hundreds of thousands of files on a target system. Only through tens of thousands of investigations by the EnCase community over 18 years and through the application of your hard-won expertise are we able to design a curriculum that serves your most vital needs.