Session Type
Lecture
Name
Taking Investigations to the Wire
Speakers
Todd Mesick | Precision CastParts Corp
Description

As investigators we are always striving to find more evidence. We look to disk and memory as staples of our investigations. Adding the network can be a huge benefit to all investigations, from AUP violations to incident response. The network is full of rich amounts of data, waiting to be explored.   

This presentation will focus on elements of network forensics from packet capture analysis, to extraction of files, emails and other data important to investigations. It will cover tools necessary and the steps to integrate the data into your favorite tools for further analysis.