This event has ended. Visit the official site or create your own event on Sched.

Talarna lägger upp sessionerna själva och vi har påminnt dem om att göra det. 
Saknar ni någon kontakta gärna talarna direkt själva eller maila styrelsen.

Back To Schedule
Tuesday, October 17 • 15:00 - 15:45
Mission: Possible! Journaling Forensics 101 (with Free Tools)

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
o Learn to think like a spy! Many shops use journaling for a variety of reasons, but may not be familiar with how to use these journals for forensic purposes. Mining your journals for the who, what, when, where, how - and sometimes even why - can be very useful, not to mention fun! Come join us for a lighthearted and entertaining "Mission: Impossible" themed look at one of the most useful things you can do with your journals. This session will introduce journaling concepts and share tuning tips to optimize your journal environment for forensics. After reviewing the "old fashioned" way to dig into your journals, we will demonstrate how much easier this is with the right tools. The DMPJRN and CVTJRNDTA commands used in this presentation will be made available as a free download to all attendees, including source code!
o Learning Objectives - After participating in this session, attendees should have the skills and tools to:
 Optimize your journal environment to maximize the forensic information available to you
 Understand what your journals are trying to tell you, and how to interrogate them to get the answers you need
 Dump your journals quickly and easily using the free software made available
 Be able to interpret the content of your journals to determine what really happened to your data
 Use the techniques demonstrated in the provided source code to develop your own tools
 Save the world from evil-doers
o Audience:
 Anyone who would like to better understand how to maximize their journaling environment to make use of forensic data would benefit from this session. If you've ever needed to figure out how something happened to your data, if you like playing detective, if you enjoy building tools to make your job easier, then please join us!

avatar for Steven Wolk

Steven Wolk

CTO, PC Richard & Son
Steven Wolk is the Chief Technology Officer for PC Richard & Son, a family owned and operated chain of 66 appliance and electronics superstores located throughout NY, NJ, CT, and PA. Founded in 1909, PC Richard has always been known for honesty, integrity, and reliability throughout... Read More →

Tuesday October 17, 2017 15:00 - 15:45 CEST
Prins Eugenes Salong