The days of performing only traditional “dead” forensics on a host after a security incident are over. A shift to “live” forensics and incident response investigations is underway, with a round of new tools focused specifically on collecting volatile data and memory analysis, and forensics experts demonstrating new ways to leverage these tools to fight malware and cybercrime at the recent SANS WhatWorks in Forensics and Incident Response Summit…
