From the 11th to the 13th of March 2019, Forensic Focus will be attending the Techno Security & Digital Forensics Conference in San Diego, CA, USA. If there are any topics you’d particularly like us to cover, or any speakers you think we should interview, please let us know in the comments.
Below is an overview of the subjects and speakers that will be featured at Techno Security. The conference has four tracks: audit / risk management; forensics; information security; and investigations, along with sponsor demos. Forensic Focus will be concentrating on the digital forensics track throughout the event.
Monday March 11th
The first forensics talk of the conference will be given by Jimmy Schroering from DME Forensics, who will talk through some case studies of advanced DVR analysis. At the same time, Yulia Samoteykina and Vitaliy Mokosiy from Atola Technology will discuss how the need for rapid triage and extraction can be a challenge for digital forensic evidence acquisition. Meanwhile in the security track, Michael Prins from HackerOne will talk about how to leverage relationships with ‘friendly’ hackers who are willing to help companies to improve their security.
Directly following this, Angel Grant will discuss how a better understanding of the cultural elements of hacking can improve cyber investigations. Vico Marziale from BlackBag will talk about how much has changed in Windows 10, and what forensic investigators need to know when they encounter Windows 10 in their cases. Michael Riedijck from PageFreezer Software will discuss social media evidence collection and how it can be used for ediscovery. Both Oxygen Forensics and Susteen will be giving demonstrations of their forensic solutions at the same time.
The penultimate session of day one will see MSAB’s James Eichbaum talking about mobile application analysis and demonstrating how to manually investigate app data and SQLite databases. There will also be a law enforcement panel happening at the same time, the exact nature of which will be confirmed at a later date. Demos from 2:45-3:45pm will be available from Hawk Analytics and Magnet Forensics.
Keith Leavitt from Cellebrite will be the final speaker in the digital forensics track on Monday, looking at mobile evidence in P2P investigations. Meanwhile Don Brister from Berla will talk through some examples of vehicle forensics, and Richard Gurecki will show attendees how to extract data from water damaged devices, focusing on iPhones and Android phones. An IoT panel will convene at 4pm, discussing how to tackle a data breach, and Arman Gungor from Metaspike will demonstrate how to leverage server metadata in email investigations.
Tuesday March 12th
Tuesday’s sessions will begin at 9:30am with the intriguingly named ‘1+1 Is Not Always 2’, which will look at how to bypass multi-factor authentication. Meanwhile Keith Leavitt will take to the stage again to demonstrate some advanced techniques for mobile analysis. A panel will convene in the Grande E room to discuss the challenge of impermanence in forensic analysis and ediscovery, and what happens when we collect ephemeral evidence from messaging services, social networks and similar media. From 9:30 attendees will also have the chance to see demos from BlackBag Technologies and Truxton Forensics.
The next session’s demos will be from Magnet Forensics and Oxygen. Alongside these, Jason Hale from One Source Discovery will talk about how to improve USB device forensics, and Kirby Plessas will show us how to use open source intelligence techniques for cryptocurrency attribution.
The excellent Women In Cyber panel will be returning after lunch, to discuss some of the challenges faced by women in the industry and how they can be addressed. Meanwhile Jessica Hyde from Magnet will be talking about how to handle IoT evidence more effectively, and Julie Lewis from Digital Mountain will demonstrate how to extract and analyse digital evidence from social networking sites and smartphone applications. MSAB’s Global Training Manager will talk attendees through XAMN and XEC Director, showing how they can save time and speed up investigations.
Eric Schmidt from the CATCH Task Force will show attendees how to think outside the box when conducting OSINT investigations, and Kathy Helenek will demonstrate the effective analysis of cloud storage services. Two speakers from Nike’s forensics department will tackle the popular topic of lab accreditation and explain how to make it work.
In the last session of the day, Mike Melson and Nick Barker from Hawk Analytics will talk about how to testify on cell data records, which can be a tricky subject to discuss in court. Steven Watson from VTO Labs will talk us through some case studies of drone forensic investigations, and discuss some current challenges, while in the Canyon room Richard Spradley will demonstrate Whooster’s ability to bring back accurate and useful real-time investigative data results.
Wednesday March 13th
The final day of the conference will begin with two ‘early riser’ options at 8am: Jennine Gilbeau from the US Department of Homeland Security will talk about securing the digital landscape, and another session will look at the dark web, though the speaker and details are still to be confirmed.
At 9:15am attendees will be able to discover how to use the GDPR to improve their companies’ bottom line, culture and IT practices. Jay Cooper from Sumuri will be discussing some APFS imaging considerations, while Michele Stuart from JAG Investigations will show attendees how to use OSINT and social media data to identify and locate individuals of interest. In the computer security track, Donald Malloy from OATH will be tackling the tricky topic of how to let the good guys in while keeping the bad guys out when it comes to IoT security. There will also be a Cellebrite demo happening in the Canyon room.
In the last session of the morning Passware will be in the Canyon room demonstrating their forensic solutions. Greg Scarbro from the FBI will be showing attendees the FBI’s Next Generation Identification system – this was a fascinating talk at Techno Security TX and is highly recommended! Jessica Hyde will be talking about Apple’s “tween years”, from iOS 10 through to 12.
Following lunch there will be a session about preventing common cloud migration mistakes, alongside two speakers from Whooster who will show attendees how to access unique investigative data in real time. Oxygen’s Lee Reiber will look at how to get hold of location data and put it to use in investigations, while Jeremy Kirby from Susteen will show how to acquire immediate evidence from cell phones in the field.
The final sessions of the conference will focus on examining the WhatsApp messenger on Android devices; how to use the Windows PowerShell and command prompt as investigative tools; and how to address the challenge of user privacy in cars.
To view the full conference program and register to attend, please visit the official website. Forensic Focus readers can enjoy a 30% discount on the registration price by entering the code FFOCUS19 when booking.
If there are any talks you would specifically like us to cover, or any speakers you’d especially like to see interviewed, please leave a comment below or email [email protected].