Incident Response Expert John Moran will Introduce New Tool for Windows that Automates Data Acquisition for Investigations

DFLabs, the pioneer in Security Orchestration, Automation and Response (SOAR), today announced that incident response and digital forensics expert John Moran will present an Arsenal session at the upcoming Black Hat USA 2018 conference in Las Vegas. DFLabs is exhibiting at the conference in booth IC2329.

WHO: John Moran, Senior Product Manager at DFLabs, is an expert in security operations, incident response, digital forensics and investigations. He has served as a Senior Incident Response Analyst for NTT Security, Computer Forensic Analyst for the Maine State Police Computer Crimes Unit and Task Force Officer for the US Department of Homeland Security. John currently holds GCFA, CFCE, EnCE, CEH, and CHFI certifications as well as degrees in Digital Forensics and Information Security. WHAT: Targeted attacks, file-less malware and other advanced hacking techniques have rendered the traditional "dead box" approach to forensics ineffective. Once viewed as a dangerous and dark art, "live box" forensics is becoming the de facto standard, even as CSIRT teams continue to struggle with this type of threat hunting. In this session, John will explain why live forensics is now a necessary part of forensic investigations and cyber incident response. He will discuss the benefits, pitfalls to avoid, and best practices for using live box forensics as a threat hunting tool. In addition, John will introduce a tool for Windows that can automate the process of data acquisition in a more secure, easier to maintain and manage manner. This free tool will be made publicly available on the DFLabs website on the day of the presentation. WHEN: Wednesday, August 8, 2018 at 2:30 3:50 PM PDT WHERE: Black Hat USA 2018, Business Hall (Oceanside), Arsenal Station 2, Mandalay Bay Resort Casino, Las Vegas, Nevada HOW: To schedule an in-person meeting at the conference or a phone conversation with John Moran, contact Marc Gendron at marc@mgpr.net or +1 781.237.0341. For more information: https://www.blackhat.com/us-18/arsenal/schedule/index.htmlperforming-live-forensics-without-killing-your-evidence-12058.

