Conference Program

Monday, April 1, 2019
5:00 PM - 7:00 PM
Welcome Reception
Tuesday, April 2, 2019
7:30 AM - 9:00 AM
Registration & Breakfast
8:30 AM - 9:30 AM
Lecture
Virtual Currency Investigations: Fear Not the Blockchains
Lecture
Internet of Things Forensics
9:00 AM - 10:30 AM
Lab
AXIOM Essentials
Lab
Supporting the Unsupported: Carving, Parsing, and Creating Custom Artifacts
Lab
More Data, Better Focus: Improve Your ICAC Investigations with AI and Categorization
9:45 AM - 10:45 AM
Lecture
IOC Easy as 1-2-3
Lecture
Windows Event Trace Log (ETL) Forensics
10:30 AM - 11:30 AM
Break & Ask the Expert Stations
11:00 AM - 12:30 PM
Lab
Cloud Forensics for Law Enforcement: Get the Evidence You Need to Move Cases Forward
Lab
Forensics in the Corporate Cloud: How to Conduct Office 365 and Google Suite Investigations
Lab
Using GrayKey and AXIOM to Acquire and Parse iOS Data That Other Tools Miss
11:30 AM - 12:30 PM
Lecture
Improvise, Adapt, Overcome: A New Mantra for Digital Forensics Professionals
Lecture
Memory Forensics: Using Memory Forensics Analysis to Guide Your Investigation
12:30 PM - 1:30 PM
Lunch & Ask the Expert Stations
1:30 PM - 2:30 PM
Guest Keynote by Ovie Carroll, Director of DOJ CCIPS Cybercrime Lab, SANS Instructor and Author
2:30 PM - 3:00 PM
Break & Ask the Expert Stations
3:00 PM - 4:00 PM
Lecture
Windows Store & Apps (APPX) Analysis
Lecture
Innovative Solutions for the Changing Nature of Digital Forensic Investigations "I'm a 19-Year Old College Student...and I Carry a Badge."
3:00 PM - 4:30 PM
Lab
Using GrayKey and AXIOM to Acquire and Parse iOS Data That Other Tools Miss
Lab
From Dead Box to Live Memory: Breathing Context into Forensic Investigations
Lab
Supporting the Unsupported: Carving, Parsing, and Creating Custom Artifacts
4:15 PM - 5:15 PM
Lecture
Mobile Panel
Lecture
Leveraging PowerShell and Python for Incident Response and Live Forensic Applications
4:45 PM - 7:45 PM
Lab
DFIR Capture the Flag (CTF) Challenge
7:30 PM
Magnet Forensics Customer Appreciation Event
Wednesday, April 3, 2019
9:00 AM - 10:00 AM
Breakfast
10:00 AM - 11:15 AM
Keynote by Magnet Forensics
11:15 AM - 12:30 PM
Lunch and a live recording of The Forensic Lunch podcast with David Cowen and Matthew Seyer
12:30 PM - 1:30 PM
Lecture
Leveraging AXIOM for Insider Threat Investigations
Lecture
Unsupported Apps. What Can Be Done? A Methodological Approach to Mobile App Forensics
12:30 PM - 2:00 PM
Lab
Cloud Forensics for Law Enforcement: Get the Evidence You Need to Move Cases Forward
Lab
More Data, Better Focus: Improve Your ICAC Investigations with AI and Categorization
Lab
From Dead Box to Live Memory: Breathing Context into Forensic Investigations
1:45 PM - 2:45 PM
Lecture
Taking Your Investigations One Step Further, What Else Can You Be Doing?
Lecture
Corporate Panel
2:00 PM - 3:15 PM
Break & Ask the Expert Stations
2:30 PM - 4:00 PM
Lab
Using GrayKey and AXIOM to Acquire and Parse iOS Data That Other Tools Miss
Lab
Forensics in the Corporate Cloud: How to Conduct Office 365 and Google Suite Investigations
2:30 PM - 4:30 PM
Lab
Magnet Certified Forensics Examiner (MCFE) – AXIOM Certification
3:15 PM - 4:15 PM
Lecture
Collaboration to Combat Online Child Sexual Exploitation
Lecture
Conducting O365 Investigations in a Post-Activities World