
DFSP # 074 - Detecting Lateral Movement
This week I review a document put out by the Japan Computer Emergency Response Team Coordination Center on "Detecting Lateral Movement through Tracking Event Logs."
18 Jul 2017, 16 min

DFSP # 073 - Jump Lists
This week I break down the forensic value of Windows Jump lists.
11 Jul 2017, 19 min

DFSP # 072 - Free Training & Free Beer
This week I talk about how to design your own training programs using low-cost/no-cost options.
4 Jul 2017, 18 min

DFSP # 071 - Automated Malware Triage
This week I take a look at online sandboxes for malware analysis.
27 Jun 2017, 22 min

DFSP # 070 - Notepad++
This week I talk about Notepad++, a freely available code editing tool with some great built-in options that are useful for inspecting forensic artifacts.
20 Jun 2017, 18 min

DFSP # 069 - Automated Memory Triage
This week I take a look at Redline by Mandiant, a tool that offers automated memory triage and much more.
13 Jun 2017, 21 min

DFSP # 068 - Is Scanning On-Scene Legit?
This week I explore the idea of using scanning tools as part of an on-scene triage process in order to find hidden devices and/or to document the systems of the local network.
6 Jun 2017, 24 min

DFSP # 067 - IR A-Z
Looking for the ultimate DFIR checklist? This week I check out a freely available guidebook that, as the name implies, is aimed at addressing all things DFIR related A-Z.
30 May 2017, 18 min


















