MAC Times, Mac Times, and More - SANS Digital Forensics & Incident Response Summit 2017
How well do you really understand the times you see during an investigation? Are you confident in testifying that something happened at a specific time, or on a specific date? This presentation will revisit the file times found on Windows computers and what they mean. It will also focus on the dates and times recorded by MacOS computers, including timestamps found outside of the normal places.
Lee Whitfield (@lee_whitfield), OnDemand Subject Matter Expert - Forensics Lead,
SANS Institute
Видео MAC Times, Mac Times, and More - SANS Digital Forensics & Incident Response Summit 2017 канала SANS Digital Forensics and Incident Response
Lee Whitfield (@lee_whitfield), OnDemand Subject Matter Expert - Forensics Lead,
SANS Institute
Видео MAC Times, Mac Times, and More - SANS Digital Forensics & Incident Response Summit 2017 канала SANS Digital Forensics and Incident Response
Показать
Комментарии отсутствуют
Информация о видео
1 октября 2017 г. 2:00:01
00:26:25
Другие видео канала
Windows MACB Timestamps (NTFS Forensics)Start-Process PowerShell: Get Forensic Artifact- SANS DFIR Summit 2016How Threats Are Slipping In the Back Door - SANS ICS Security Summit 2017Open Source Intelligence 101Google Drive Forensics - SANS Digital Forensics and Incident Response Summit 2017Stop Tilting at Windmills: 3 Key Lessons that CTI Teams Should Learn from the Past - SANS CTI SummitEpisode 57: They hid their data in webcache! Part 2Forensic Investigation of Emails Altered on the Server | SANS DFIR Summit 2019Digital Forensics | Davin Teo | TEDxHongKongSalonIncident Response in the Cloud (AWS) - SANS Digital Forensics & Incident Response Summit 2017Windows SRUM ForensicsPutting MITRE ATT&CK™ into Action with What You Have, Where You Are presented by Katie NickelsAchieving Effective Attribution: Case Study on ICS Threats w/ Robert M Lee - Keynote SANS CTI SummitDFIR in 120 Seconds - NTFS Timestamps (MACB)Cloud Storage Forensics Endpoint EvidencePractical Malware Analysis Essentials for Incident RespondersEpisode 58: Cellphone seizure processGetting Started with the SIFT Workstation Webcast with Rob LeeLecture 1: Free Short Course - Digital Forensics