WetStone is proud to be hosting lab sessions at HTCIA International!
Live Investigative Triage
Extracting and examining live volatile evidence from running computers is becoming vital due to the size, reach and mobility of laptop, desktop and server environments. The amount of evidence that can be lost in pull-the-plug-only investigations is alarming. This hands-on lab session will give participants the opportunity to use the latest Live Acquisition and Triage Tool (US-LATT). US-LATT was developed by WetStone under National Institute of Justice grants.
Students who are active U.S. state or local law enforcement attending this class are eligible to receive a 4GB US-LATT device with maintenance for 1 year at no charge. Others not meeting this criterion will be able to (optionally) purchase the technology for a small fee. Students must bring their own laptop with Windows XP or above to participate in the lab exercise. Participants who desire to become US-LATT Certified may choose to take a certification exam at no charge.
Malware Evidence Discovery and Analysis
Today’s advanced computing environments, with media of a terabyte and beyond, require new approaches to rapidly and accurately identify the presence of malicious code. Beyond viruses and worms, knowledge of botnets, keyloggers, anti-forensic wireless hacking tools, rootkits, steganography and other threats is essential for the investigator. Knowing what is installed and in use by the adversary can help prove intent and cognizance of guilt, and can give a better overall picture of the situation. During this hands-on lab session, participants will be exposed to the advanced malware technologies being utilized by today’s cyber criminals. Participants will utilize WetStone’s award-winning malware discovery software, Gargoyle Investigator™, to detect and analyze the presence of malware found during a mock investigation.
Participants must bring their own laptop with Windows XP or above if they wish to participate in the lab exercise. Participants who desire to become Gargoyle Investigator Certified may choose to take a certification exam at no charge.
Steganography Investigation
Analyzing steganography within images, multimedia and network protocols is considered a black art. As criminals communicate and conceal vital information in new steganographic file systems, voice over internet protocol (VoIP) streams and a host of multimedia carriers, it is vital and urgent that a cadre of trained experts exist to counter this threat. A deep understanding of images, multimedia files and network protocols, along with a clear understanding of the known methods of data hiding, is essential in order to participate in this analysis.
During this 3-hour immersion lab, students will participate in hands-on experiments with stego’d images, multimedia files and steganographic file systems. Advanced tools and analysis techniques will be utilized to discover the use of steganography and to detect images and multimedia files that contain hidden information.
September 12, 2011
Morning Session:
Live Investigative Triage
Afternoon Session:
Malware Evidence Discovery and Analysis
September 13, 2011
Morning Session:
Conducting Steganography Investigations
Afternoon Session:
Live Investigative Triage
September 14, 2011
Morning Session:
Malware Evidence Discovery and Analysis
Afternoon Session:
Conducting Steganography Investigations