Live IR on a Budget (of $0)

Derek Armstrong

Live Incident Response doesn't have to cost an arm and a leg. Just some legwork and a bit of typing can get you up and ready to collect evidence from those thousands of suspect systems. We will be talking about Live IR's place within the forensic landscape, some benefits and pitfalls, as well as some example scripts to show you a starting point. This presentation has been created by someone deep in the trenches of enterprise security. But best of all, it is all for free (as in beer)!

Speaker Bio: Derek Armstrong is a senior incident handler at a major telecommunications company. There he specializes in incident response, forensics and malware analysis. Over the past two decades he has held a variety of roles in both security and technology, from the public to the private sector. When not working, he is still a geek and a nerd, playing with tech and seeing what breaks.