Memory Forensics Made Easy
Participation from R2 Community
Basics
-
Est. # of Attendees
-
Event Categories
Webcast | Webinar
-
Event Type
On Demand Webcast
-
Relevant Agencies
Federal Government, Other Federal Agencies, State & Local Government
-
Topics
Cybersecurity, Fire - Rescue, Technology
Description
Memory forensics is a key component of any incident investigation involving endpoints. It can help determine whether an infection did in fact occur, and if so, what type of threat is involved. However, most SOC/IR teams do not fully utilize memory forensics techniques as part of their investigations usually from lack of time or technical know-how.
In this talk, we will show you how Intezers endpoint scanner and Volatility plugin analyze live endpoints and entire memory dumps, providing deep insights and quick verdicts by identifying malicious code reuse within memory modules. These memory forensics tools can be incorporated as part of any incident and done at scale for many endpoints within a company.