Thursday, January 19, 2012

DFIROnline: Connecting the DFIR Community (January Meetup)

DFIROnline is an opportunity to meet up monthly (informally) with other DFIR practitioners. It is being held the third Thursday of every month at 2000 hours ET. If you missed tonight's meet-up, the archive will be posted soon. Props to Mike Wilkinson for taking the initiative to organize (organise for Lee Whitfield) DFIROnline.
Leave comments or feedback from tonight's meet-up. These informal meet-ups are a great idea and the digital forensics community was out in force this evening. Participation (# of attendees) tripled compared to the first DFIROnline meet-up in December, which is archived and can be viewed here. Great presentations this evening by Harlan Carvey on "Malware Detection with An Acquired Image" and Eric Huber on "The Advanced Persistent Threat or: How I Learned to Stop Worrying and Love DF/IR". {Be a sheep dog!}
I enjoy watching Harlan present. He always delivers a practical (something that can be implemented now into your DFIR toolkit/processes) presentation that the DFIR analyst/investigator can understand and deploy immediately. Eric also delivered a great presentation on the APT: what it is and what it is not, drawing upon his knowledge of history to demonstrate and define the APT. Make sure you catch the next DFIROnline meet-up on Thursday, February 16, 2012.

Check out the future line-up already scheduled for this year:

Feb 16 2012
  •  Peter Coons and John Clingerman: Case studies in e-discovery
  •  Jon Rajewski: TBA
Mar 15 2012
  •  Hal Pomeranz: Linux Forensics for non Linux users
  •  Corey Harrell: Ripping Volume Shadow Copies - Tracking User Activity

Remember to follow the #DFIROnline hashtag on Twitter.

Wednesday, January 18, 2012

2012 Forensic 4cast DFIR Awards

The 2012 Forensic 4cast Digital Forensic Award Nominations are now open. Submit your nominations here. Nominations are for 2011 and the awards ceremony will be at the SANS Forensic Summit (June 26th & June 27th) in Austin, TX, presented by the British Texan and lethal forensicator, Lee Whitfield.
The awards started in 2009. In case you missed the first annual Forensic 4cast awards, you can watch it here or directly on uStream. As you can see, the awards have come a long way, and have really evolved into a digital forensic community-driven event. Lee is even required to wear pants when presenting the awards at the LIVE event, unlike the first awards ceremony! So, calling all digital forensic professionals to cast those nominations!
Once the nomination process is complete, the nominees will be posted on the Forensic 4cast website, where voting will commence leading up to the Forensic Summit. If you are deciding what you can do to give back to the digital forensics community, this is your calling! I am showing my support, just as Eric Huber's A Fistful of Dongles blog did, by nominating Kristinn Gudjonsson (Digital Forensic Examiner of the Year) and Log2Timeline (Computer Forensic Software Tool of the Year). Remember, the Forensic 4cast Awards are a community-driven event. The nominees and winners are chosen by the community. Cast your nomination and tell a friend!

The categories are:

  •  Digital Forensic Blog of the Year
  •  Digital Forensic Article of the Year
  •  Digital Forensic Book of the Year
  •  Digital Forensic Podcast of the Year
  •  Computer Forensic Hardware Tool of the Year
  •  Computer Forensic Software Tool of the Year (Log2timeline)
  •  Phone Forensic Hardware Tool of the Year
  •  Phone Forensic Software Tool of the Year
  •  Digital Forensic Examiner of the Year (Kristinn Gudjonsson)
  •  Digital Forensic Organization of the Year