BruCON 0x05 has ended
This schedule is subject to change, check back regularly.
Registrations start at 8h30!
Workshop rooms in the location Novotel are 5 minutes walking from the main venue.
Workshop seats are limited to max 30 persons in rooms Orval, Chimay & La Trappe Seats will be on a first come first serve basis, please be there in time
back to BruCON web site.
TIP: to see as grid: click on the "Schedule button"  
Thursday, September 26 • 2:00pm - 4:00pm
KUDO : Post Mortem Forensic Analysis with FLOSS Tools 2.0 (Sandro Melo)

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Currently, computers are increasingly user for illicit activities, in this scenario, as such it is necessary for respond incidents of security  to use  Computer Forensics best practices,  even if not a formal criminal investigation take place. This article how about post mortem forensic of medias especially the hard disks. Several tests and evaluations  can be do in each layer of abstraction, in order to recovery data with quality  to identify evidence . This evidence can be  block of data or even a file related to the security incident being investigated that will henceforth be treated as an artifact. It is true that to perform a forensic analysis, to demand methodology and  also appropriate tools.About the Methodology Analysis in Five Layers that proposing a treatment in each layer of abstraction allowing the identification of each data that can be relevant in the analysis of incident and to meet the need of appropriate tools, the use FOSS tools, is an interesting alternative, since the number of projects developed by this community, for computer forensic, is significant and of sufficient quality to allow the realization of all the forensic  computational process.

Who should attend:

  • Law enforcement officers, federal agents, or detectives who want to master computer forensics and expand their investigative skillset to include data breach investigations, intrusion cases, and tech-savvy cases

  • Incident response team members who are responding to complex security incidents/intrusions and need to utilize computer forensics to help solve their cases

  • Computer Forensic professionals who want to solidify and expand their understanding of file system forensic and incident response related topics

  • Information security professionals with some background in hacker exploits, penetration testing, and incident response

  • Information security managers who would like to master digital forensics in order to understand information security implications and potential litigation related issues or manage investigative teams

  • Anyone with a firm technical background who might be asked to investigate a data breach incident, intrusion case, or WHO investigates individuals that are considered technically savvy

avatar for Sandro Melo

Sandro Melo

About Sandro Melo -  aka CARIOCA -  Currently I work at Bandtec College, and also with Advanced Training, Pentest, Response to Security Incidents and Computer Forensic and student/candidate in Doctor Program in TIDD/PUC-SP. I was born in the beautiful city Rio de Janeiro, Brazil... Read More →

Thursday September 26, 2013 2:00pm - 4:00pm CEST
3 Orval Novotel Ghent