SANS Digital Forensics and Incident Response Blog

Webcast: Memory Analysis for Computer Forensic Analysts and Incident Responders

Today: Wednesday, April 29 at 1:00 PM EDT (1700 UTC/GMT)


Webcast Overview: Introducing the must-have capabilities for your forensic toolkits that were released in the past year. Learn how live memory collection and analysis is a game-changing tactic now used in effective incident response and mitigation. Find out what will replace the tried-and-true "sysinternals" tools with capabilities that are crippling rootkit technology. Learn how to analyze memory to discover a rootkit, examine a Windows hibernation file, recover an executable from memory, recover passwords, and more.


Posted April 30, 2009 at 6:20 AM


Awesome webcast, and a MUST LISTEN/SEE for anyone in this business! Not just responders and analysts, but also folks within organizations who first encounter systems when something "suspicious" happens. As the available analysis tools improve, this form of response will become ubiquitous.