The story of Greendale

Keyboard shortcuts

Key

Action

K or space

Play / Pause

Mute / Unmute

Select next subtitles

Select next audio track

Show slide in full page or toggle automatic source change

left arrow

Seek 5s backward

right arrow

Seek 5s forward

shift + left arrow or J

Seek 10s backward

shift + right arrow or L

Seek 10s forward

control + left arrow

Seek 60s backward

control + right arrow

Seek 60s forward

shift + down arrow

Decrease volume

shift + up arrow

Increase volume

shift + coma

Decrease playback speed

shift + dot or shift + semicolon

Increase playback speed

end

Seek to end

beginning

Seek to beginning

Loading Click here to add:

Information on this media

Creation date:

July 4th, 2018, 9:35 a.m.

Add date:

July 4th, 2018, 1:10 p.m.

Number of views:

101 (this month: 2)

Speaker:

Thomas Chopitea

License:

CC BY-SA v4

Visibility:

This media is published

Description

Ever wanted to do forensics and feel good about it? This talk will introduce you to a suite of open-source tools for all things digital forensics and incident response. You will see how Greendale (a fictitious but very famous university) used this set of tools to articulate an effective response to a pretty severe incident last summer—all on a state-financed university budget! We will cover collection of forensic evidence with GRR, processing with Plaso, and analysis with Timesketch; how these tools can be articulated using dftimewolf, how to remotely image disks and have the processing done in the Cloud.

Thomas Chopitea
Thomas is a forensics investigator and engineer at Google. Previously, he worked at CERT Société Générale, where he bootstrapped the threat intelligence process using a combination of existing and homebrew open-source tools. He likes to write code and hunt down bad guys. His long-term professional goal is to automate himself out of a job.