Profile cover photo
Profile photo
David Cowen

Post has shared content
Congratulations to Southern Utah University for placing 1st at the Rocky Mountain CCDC! #RMCCDC @suutbirds #SUU

Post has shared content
What an awesome opportunity for our winners!

Post has attachment
If you haven't seen my speaking schedule for 2014, this may be my favorite talk/conference so far planned #dfir

Post has shared content
A great first post from Brian Moran, let's hope for many more.
All memory dumping tools are not the same
<DISCLAIMER: I am not an in-depth technical expert on memory analysis, and your results and analysis may vary> A few days ago, Takahiro made a blog post regarding some issues that he discovered while processing a 16GB memory dump on a Windows 7 machine (if ...

Post has shared content
I wish this had come out earlier so I could have included this in this weeks saturday reading.
In case you haven't yet heard, I'm transitioning out of my role at CloudPassage and am looking for the next opportunity.

Post has attachment
Do you have a great DFIR story? I think most of us have at least one that we tell when sharing the drink of our choice amongst our peers. Let's see if you have the best DFIR story in this week's Sunday Funday challenge and you could win a free ticket to SANS DFIR Summit 2014 in austin, tx. A ticket worth $1,495!

Live in 40 mintues, we have a great show today. 
Christian Prickaerts from Fox IT discussing the new EU privacy directive and notification requirements
Carlos Cajigas of Epyx Forensics, discussing his research into booting images into vms in Linux with FOSS
Kevin Stokes demonstrating our new super multi boot USB response thumbdrive

Three guests lined up for the forensic lunch this week, +Lee Whitfield  +Nicole Ibrahim  and +Sean Conover  #dfir

Lee talking about the nominations process for the Forensic 4Cast Awards
Nicole talking about her research into MTP device artifacts within windows
Sean talking about his work using memory analysis techniques and infosec skills in his DFIR work for video games at Sony Online Entertainment

Post has attachment
Sunday Funday is up! This week it's a Windows 8.1 challenge requiring some research into how LNK files are being created. In order to reward such effort I"m putting up for grabs a prize I've been saving.

A free ticket to the SANS DFIR Summit 2014 in Austin, Tx. This ticket, if you bought it early, is worth $995 and it can be yours for the small price of your time!

Best of luck!

Post has attachment
Not sure if this community is aware but we do a live forensics talk show every Friday at Noon CST (GMT-6) with different guests. This week we have Amber Schroader from Paraben talking about the new version of Device Seizure and Robert Haist talking about his research recovering cmd execution from the pagefile.
Wait while more posts are being loaded