Name
F5. Open Source DFIR Made Easy: The Setup
Date & Time
Thursday, May 11, 2017, 11:15 AM - 12:15 PM
Speakers
Alan Orlikoski, Stephen Hinck
Description
Session Description:
 
This presentation will introduce and demonstrate the CyLR, CDQR Forensics Virtual Machine (CCF-VM). The CCF-VM was designed as an all-in-one solution to one of the most common issues facing DFIR teams: a conveniently packaged, easy-to-use platform, built from the ground up so that teams can collect, process, and analyze critical forensic artifacts to triage and investigate intrusions both large and small. With built-in, commonly used searches and dashboards, CCF-VM supports searching a single host or multiple hosts simultaneously, depending on analyst or incident needs.

Location Name
Room 610/612
Full Address
Colorado Convention Center
700 14th Street
Denver, CO 80202
United States
Category
Incident Response
Learner Objectives
After completing this session, the learner will understand how to:
  • Collect data with CyLR (https://github.com/rough007/CyLR)
  • Process forensic artifacts easily with CDQR (https://github.com/rough007/CDQR)
  • Use Kibana (as set up in CCF-VM) for DFIR purposes
  • Set up the CCF-VM (https://github.com/rough007/CCF-VM)
  • Set up a CCF-VM DFIR toolkit for each analyst
  • Scale CCF-VM to the enterprise level

Speaker Bio(s)
Mr. Orlikoski is the Senior Manager for Oracle's Incident Response & Threat Protection Team. He has a thorough understanding of malware, computer forensics, and the tactics, techniques, and procedures leveraged by attackers. He has 16+ years of experience in IT Security and Project/Program Management across the public and private sectors.

With over 10 years' experience in information security, Mr. Hinck's background in incident response has given him a wealth of understanding in incident response and digital forensics. His experience includes successfully responding to incidents and building security programs at multiple companies, both large and small.
