Security BSides London, the UK’s biggest community-driven infosec conference, is happy to announce its 8th iteration, open to all regardless of background, skill level, income or job title.
  • Doors to the main event open at 8.30am with talks starting at 9am on 5 June 2019
  • Workshops will be held on 4 June 2018 starting at 10am; Pre-registration is required
Please remember that Security BSides London has a strict code of conduct available here
Wednesday, June 5 • 15:25 - 15:40
Forensicating Windows Artifacts: Investigation w/out Event Logs!

When dealing with security incidents, hackers tend to wipe their digital footprints to avoid being detected. Normally, they want to wipe event logs, so that it is hard for incident responders / forensicators to detect what exactly they did on the compromised machine. As a security professional working on investigations like this, what would you do once the event logs have been wiped? That's why Windows artifacts are there to help us investigate and conduct forensics to know what happened before and after the compromise of the Windows machine. In this talk, I'm going to show you the importance of Windows artifacts such as prefetch files, registry keys, link files, browser artifacts, shell bags, etc. I will also show you the tools that I've been using in order to get the best out of them during forensic investigations. This lesson is very important, especially to people working in a SOC environment, incident responders, and digital forensics investigators.

Speakers
Renzon Cruz

Renzon is a young security professional who works as a Senior Security Analyst and part of National Cyber Security Operations Center (NCSOC) in Doha, Qatar that performs threat hunting, incident response and digital forensics. Prior to that, he was a security consultant with the largest...


Wednesday June 5, 2019 15:25 - 15:40
Rookie Track ILEC Conference Centre 47 Lillie Road London SW6 1UD
