Info

The Forensic Lunch with David Cowen and Matthew Seyer

The Forensic Lunch! The twice a month podcast devoted to Digital Forensics and Incident Response!
RSS Feed Subscribe in Apple Podcasts
The Forensic Lunch with David Cowen and Matthew Seyer
2020
September
May
April


2018
June
May


2017
May
April
February


2016
September
August
July
April
March
February
January


2015
November
October
September
August
June


Categories

All Episodes
Archives
Categories
Now displaying: Page 3
May 18, 2018

Live From Enfuse Day 3!

This week with
Lesley Carhart, @hacks4pancakes talking about being the very first Women in Technology solving for X award presented by Guidance Software, hacks4kids and her dfir research interests

Dr. Bradley Shatz, @wirespeed4n6, talking about DFRWS evimetry, aff4 and his new advanced imager

Ashley Hernandez, @ashleyatencase, talking about all the new things coming from guidance regarding Encase Forensic, Endpoint investigator and mobile acquisition/examiner

May 18, 2018

Steve Whalen from Sumuri, Jake Williams from Rendition Infosec and Dmitry Sumin from Passware

May 17, 2018

Live with Amber Shroader of Paraben, Matt Bromiley from SANS, Matt Mcfadden Director of training from Opentext/Guidance

May 19, 2017

The Forensic Lunch!

 

This week we had:

Cindy Murphy, @CindyMurph

Matt Linton, @0xMatt

Ryan Pittman no @ to be had

 

talking about how music and forensics goes together and the impact of listening to music on solving technical issues.

 

Also Matt and I talked about Enfuse as well as stupid shell item tricks.

Apr 28, 2017

Paul Shomo comes on to talk about Guidance Software's new Forensic Artifact Research Program where you can get $5,000 USD just for research you are already doing! Find out more here: https://bugcrowd.com/guidancesoftware?preview=114da7695ff86ae70ec01aaf2c6878b0&utm_campaign=9617-Forensic_artifact-20170426&utm_medium=Email&utm_source=Eloqua

 

Phil Hagen introduced the new SANS Network Forensics poster to be released later this month

 

Matt Bromiley is talking about the Ken Johnson Scholarship setup by SANS and KPMG you can learn more and apply here https://digital-forensics.sans.org/blog/2017/03/03/ken-johnson-dfir-scholarship

 

Phil, Matt, Lee and I talked about the DFIR Summit

 

Lee Whitfield and I talked about the 4Cast Awards, Voting is open here: https://forensic4cast.com/forensic-4cast-awards/

 

 

Apr 24, 2017

This week have:

 

Ashley Hernandez from Guidance Software talking about Enfuse

Nicole Ibrahim from G-C Partners talking about event tracing logs in Windows

Lee Whitfield summing up the news of the week

 

Apr 6, 2017

This episode we catch up with Lee on the news and talk about current issues in DFIR.

Apr 6, 2017

This episode we talk vault 7 leaks with Lee Whitfield, what it means for DFIR and other news as well as DFIR database usage discussions and development updates with Matthew and I.

Feb 16, 2017

Michael Louis joins us to talk about how lawyers select and vet experts. Also talks about Toastmasters and how they teach good presentation skills and analogy creation through their program.

 

Matt Bromiley is here to announce BBQ Con!

Feb 16, 2017

Ryan Benson is here to talk about updates to Hindsight, what he's been up to and his other tool SQUID.

 

David Dym came on to talk about FAT32 removable storage and the things OSX does to it.

Feb 16, 2017

Lee Whitfield comes on to talk about the Forensic 4Cast awards which are now taking nominations.

 

Jonathan Poling came on to talk about his new blog and his work at Secureworks

Feb 16, 2017

Friend of the show Eric Zimmerman is back to talk about updates to his tools and research

Feb 16, 2017

Davida and I talk about whats new in our research, tools and packages

Feb 16, 2017

Michael Gough talking with us about his tool LOG-MD and his work.

 

We also go into SRUM again showing new data we can correlate within it.

Feb 16, 2017

This episodes is all about Hibernation files and Mark Spencer's company Arsenal Consulting research into it that led to the creation of a new tool called Hibernation Recon.

Feb 16, 2017

Live broadcast from OSDF Con 2016

 

Talking about DCITA, Autopsy and the academic program that Mark McKinnon is running at  Davenport.

 

Sorry about the audio on this one, we had a bad upstream.

Sep 23, 2016

The forensic lunch!

The twice a month live videocast/podcast all about #DFIR

This episode we have:

Bradley Schatz of Shatz Forensics and Evimetry, @blschatz, talking about his amazing new toolset Evimetry. Watch this first segment to learn more about AFF4, imaging bottlenecks and how his toolset can allow faster imaging locally, remotely and in cloud while doing a bunch of other really cool stuff!

Learn more about his toolset here: http://evimetry.com/

Scott Wahlstrom of KPMG, @wahlstros, came on to talk about the deployable mobile forensic GoKits KPMG has been testing and using in the field. Cool stuff here if you ever wonder how you can bring an entire analysis lab to a data center for a week.

Lastly Matt and I talk about whats new in Windows 10 Forensics with the following artifacts covered:
Lnk Files
Recent Docs
Shell bags and
Jumplists

Watch a couple times to really understand the impact this will have on your investigations!

Sep 2, 2016

The Forensic Lunch!

The videocast/livecast/podcast all about #DFIR!

This week we have Eric Zimmerman talking about the work he did speed and scale testing Encase, FTK and X-ways.

 

Also Matthew and I talking about our newest tool BitRocker which will expose which recovery keys will unlock a bitlocker encrypted volume.

Get our newest tool BitRocker here: https://www.gettriforce.com/product/bitrocker-bitlocker-recovery-key-identifier/

Read Eric's testing here: https://binaryforay.blogspot.com/2016/09/let-benchmarks-hit-floor-autopsy-vs.html

Sep 2, 2016

The Forensic Lunch!

The twice a month live videocast/podcast all about #DFIR!

This broadcast is all about running an isolated virtual network on Intels newest NUC, the Skull Canyon. Watch the video to see us demonstrate running 5 vms in an isolated virtual network on a small, fast and low powered portable system.

You can get the Intel NUC Skull Canyon at amazon here: https://smile.amazon.com/Intel-NUC-Ki...

or at your local Microcenter or Fry's

This is the M.2 NVME SSD Drive I'm using to get 2GB/s reads and 1.5GB/s writes: https://smile.amazon.com/Samsung-950-...

This is the memory I used: https://smile.amazon.com/Crucial-16GB...

Here is the link to the free version of ESXI v6: https://my.vmware.com/en/web/vmware/e...

Expect a blog post where I go through the process

Aug 16, 2016

The Forensic Lunch!

The twice a month live videocast/podcast all about #DFIR !\

This broadcast:
Matt Bromiley, +Matt Bromiley talking about filters he has made for Elastic Handler and work
Talking about the 1st Annual Defcon Forensic CTF
Updates to EventMonkey to work with EVTXtract from Willi Ballenthin and bringing in descriptions
and more!

Download the Defcon Forensics CTF Here:
https://forum.defcon.org/forum/defcon...

The password to extract:
,sli38pdsf;aj8387f*HKlnelne7fy7GUHMBNWlo9udsijw_kn3ohfsa8y^%%T

Submit your answers here:
whymirosh@gmail.com

Link to event monkey:
https://github.com/devgc/EventMonkey

Jul 29, 2016

It's the Forensic Lunch!

The twice a month live videocast/podcast all about DFIR

This episode's guests:
Phil Hagen
Eric Zimmerman

Links:
- Twitter: @SOF_ELK
- Config/code repo: http://for572.com/sof-elk-git
- VM readme (w/ instructions and download link):

Jul 15, 2016

It's the Forensic Lunch!

The twice monthly videocast/podcast just about  #DFIR  join us as we talk about whats new and what new things you can do!

This broadcast we are taking the time to update you on our own tools.

We talked about:
Pancake Viewer, an open source tool to visually explore forensic images and shadow copies (like an open source ftk imager), https://github.com/forensicmatt/PancakeViewer
Event Monkey, an open source and multi threaded event log parser that outputs to sqlite and ElasticSearch, https://github.com/devgc/EventMonkey
Event Monkey Monitor, a tool we are working on releasing that lets you monitor event logs in real time
pytskUSBDeviceForensics, a version of WoanWare's USB Device Forensics program that allows you to feed in images, https://github.com/woanware/usbdeviceforensics/blob/master/pyTskusbdeviceforensics.py

Jul 13, 2016

This episode is live from Enfuse with

 

Jake Williams and Heather Mahalik

Paul Shomo of Guidance Software

Ashley Hernandez of Guidance Software

Jeff Hedlesky of Guidance Software

Jul 13, 2016

Forensic Lunch live from EnFuse with Rob Batzloff talking about Encase 8, and James Wiebe talking about new advancements at CRU

Apr 29, 2016

The Forensic Lunch!

A special episode hosted by Nicole Ibrahim and featuring in no particular order:

Mari Degrazia
Cindy Murphy
Heather Mahalik 
Sarah Edwards
Shelly Giesbrecht

1 « Previous 1 2 3 4 5 6 7 Next » 7