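A Powerful Tool for Investigating Cyberattack Incidents: Magnet AXIOM Cyber
Digital forensics is the only way to find the root cause of a security incident, and the only way for an organization to carry out a comprehensive review that keeps such incidents from recurring. In the past, forensic investigators could only analyze offline digital media, but a self-built virtual attack-and-defense environment makes attacks transparent and forensic analysis more efficient. Today, while demonstrating an attack with a self-made trojan, we will perform live forensic analysis and remote evidence collection using Magnet Cyber and built-in Windows commands.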
COVID-19 has undeniably changed the way that companies do business. It’s changed the way employees stay connected to their corporate infrastructure and the way that they communicate with each other; and it’s accelerated the adoption of the cloud for many companies as well. According to a set of surveys of American workers done in April and May, … Continued
Mike Williamson talks to Software Engineer Chris McKnight about the work involved with our updated support for Signal.
We’re currently accepting submissions for presentations in this year’s Magnet Virtual Summit and we want to hear from you!
Jessica Hyde takes an opportunity to share different ways to share in the DFIR community.
Why do we need to learn Linux Forensics? Well, nowadays when you look at the number of tools available on different penetration testing systems running Linux, you should stop and ask yourself a basic question “are these tools and systems always going to be used for ethical purposes?” The answer is definitely, NO! Another reason … Continued
Did you know that there are approximately 150 community-created artifacts on the Magnet Artifact Exchange? In this presentation we will discuss how to utilize these artifacts to get more evidence from your cases. These community-created artifacts cover a variety of needs, from supporting unsupported artifacts, to identifying specific file types, to allowing for the ingestion of results from other tools for analysis within AXIOM! We will demonstrate how to obtain, load, and utilize these artifacts in bulk as well as individually. These tools allow you to look at results from iLEAPP, ALEAPP, Bulk Extractor and other tools alongside results parsed by AXIOM. We will also show where these results will exist in your case and how to use them. Join Jessica Hyde, Director of Forensics, for this informative session and get more parsed results in your cases!
With ransomware attacks conducted on a daily basis and the cost of damages anticipated to reach nearly $20 billion in 2021, it is impossible for signature-based defenses to keep up. Every indication shows that the rise in ransomware will only continue to increase, making it critical for organizations to put the right tools and processes … Continued