November 9th, 2023
1:00 PM - 2:00 PM EST
Unfortunately a lot of effort and resources for IT and Forensic teams are devoted to investigating employee action. It is important to understand what artifacts tell the story of employee behavior and system activity on an endpoint. This presentation will focus on files such as Shellbags, LNK, Event Logs, and Registry. If that sounds complicated, don't worry! It doesn't have to be complicated, and we will show you how to effectively build the narrative the data is telling.
Join to learn:
- Key collection techniques to increase efficiency in time sensitive cases
- Identify Key Workflows associated with data exfiltration
- Analyze Shell bag information to identify user navigation
- Analyze LNK files to identify user interaction and inform investigative decision making
Speakers