TH-1015 Finding the Rogue Node

Presented at Texas Cyber Summit 2019, Oct. 12, 2019, 3:30 p.m. (60 minutes)

This presentation is a low-medium level technical break down on how to find a rouge device inside a vast computer network with open source tools. This not only shows how to use these tools but equips the attendee on what tools for a specific incident. This presentation further covers the difference between "traditional forensics" and Incident Response. At the end of this presentation the attended should understand what tools during a hard drive forensic investigation, memory forensic investigation and a network forensic investigation. **Description:** Ever wanted to know the difference between IR and traditional digital forensics? Let me guess, you have no budget but you need to defend your network! Well from this presentation you will not on learn how to defend if for free, but learn the methodology of how an attacker moves and where they hide.

Presenters:

• Donovan Farrow - Alias Forensics

Links:

• https://texascybersummitii2019.sched.com/event/U8mc/th-1015-finding-the-rogue-node

Similar Presentations:

• BSidesDC 2015 / **** It, Do it Live (PowerShell Digital Forensics)
• DEF CON 18 (2010) / Sniper Forensics - One Shot, One Kill
• BruCON 0x0A (2018) / The story of greendale Workshop