TopPodcast.com
Menu
  • Home
  • Top Charts
  • Top Networks
  • Top Apps
  • Top Independents
  • Top Podfluencers
  • Top Picks
    • Top Business Podcasts
    • Top True Crime Podcasts
    • Top Finance Podcasts
    • Top Comedy Podcasts
    • Top Music Podcasts
    • Top Womens Podcasts
    • Top Kids Podcasts
    • Top Sports Podcasts
    • Top News Podcasts
    • Top Tech Podcasts
    • Top Crypto Podcasts
    • Top Entrepreneurial Podcasts
    • Top Fantasy Sports Podcasts
    • Top Political Podcasts
    • Top Science Podcasts
    • Top Self Help Podcasts
    • Top Sports Betting Podcasts
    • Top Stocks Podcasts
  • Podcast News
  • About Us
  • Podcast Advertising
  • Contact
Not in our directory?
Add Show Here
Podcast Equipment
Center

toppodcastlogoOur TOPPODCAST Picks

  • Comedy
  • Crypto
  • Sports
  • News
  • Politics
  • True Crime
  • Business
  • Finance

Follow Us

toppodcastlogoStay Connected

    View Top 200 Chart
    Back to Rankings Page
    News

    The Forensic Lunch with David Cowen and Matthew Seyer

    The Forensic Lunch!

    The one hour, mostly, live digital forensics and incident response focused video cast and podcast.

    Advertise

    Copyright: © Copyright 2016 G-C Partners, LLC

    • Apple Podcasts
    • Google Play
    • Spotify
    Latest Episodes:
    Forensic Lunch 8-28-20 Sep 09, 2020

    The Forensic Lunch! This week with Willi Ballenthin from the Mandiant FLARE Team talking about their tools

    Forensic Lunch 8-14-20 Sep 09, 2020

    The Forensic Lunch! This week with Sarah Edwards and Jared Barnhart talking about iphone testing labs, app testing and decoding apple photos machine learning identified photo metadata

    Forensic Lunch 7-24-20 Sep 09, 2020

    Forensic Lunch! This week with Jordan Barth talking about Azure and the Cloud!

    Forensic Lunch 6-26-20 Sep 09, 2020

    Forensic Lunch! This week it's time for the second Annual National Collegiate Cyber Defense Competition Redteam AMA!

    Forensic Lunch 6-19-20 Sep 09, 2020

    Forensic Lunch! This week with Google Incident Response Management Team! Learn how Google does IR Management and hear from Joachim Metz, James Nettesheim, Matt Linton and Alex Jager

    Forensic Lunch 6-12-20 Sep 09, 2020

    Forensic Lunch! This week with Eric Zimmerman showing SQLite Explorer and Javier Marcos discussing OSCtrl for OSQuery

    Forensic Lunch 5-29-20 Sep 09, 2020

    Forensic Lunch! This week with Yogesh Kahtri talking about MAC_APT, Brian Moran and Yuri Gubanov from Belkasoft

    Forensic Lunch 5-22-20 Sep 09, 2020

    Forensic Lunch! This week with Michael Cohen doing an hour and a half of Velociraptor!

    Forensic Lunch 5-15-20 Sep 09, 2020

    The Forensic Lunch! This week we are bringing Jad Saliba and Jessica Hyde from Magnet talking about the month of great content they've been hosting and the new things coming out of Magnet. In addition we will have the winner of the Magnet Virtual CTF 2020!

    Forensic Lunch 5/8/20 - Jack Farley, Josh Brunty, Kevin Pagano, Tom Pace, Jim Arnold May 09, 2020

    This week on the Forensic Lunch we had:

    • Josh Brunty, @joshbrunty, talking about his DFIR program at Marshall
      • https://www.marshall.edu/cyber/
    • Tom Pace of Blackberry Cyclance and Jim Arnold of KPMG talking about recent ransomware trends.
    • Kevin Pagano, @kevpagano3, talking about his Sunday Funday and the Magnet Virtual CTF
    • Jack Farley, @jackfarley248, talking about MEAT and the Magnet Virtual CTF
      • https://github.com/jfarley248/MEAT

    You can watch it here:

    https://youtu.be/fPzSm-hofA0

    Forensic Lunch 5/1/20 - Oleg Skulkin (FeatureUsage), Brian Marks (Office 365) , Lee Whitfield 4CAST May 01, 2020

    This week the Forensic Lunch went into Overtime! We went a full 25 minutes over the usual hour because we had so much to talk about. On this weeks show:

    • Matt Seyer (@forensic_matt) talked all about the etl parser and monitor he's working on in Rust! https://github.com/forensicmatt/RsWindowsThingies
    • Oleg Skulkin (@oskulkin) talked about how he approaches Sunday Funday's (he's won 3!) and about his new blog post about the Windows FeatureUsage artifact. https://www.group-ib.com/blog/featureusage
    • Brian Marks (@briandfir) talked about how the Office365 UAL MailboxItemsAccessed Audit event works and what the entry details mean
    • Lee Whitfield (@lee_whitfield ) talked through the Forensic 4Cast Awards nominations that end in two weeks, and Matt and I gave who we will be nominating. https://forensic4cast.com/2020/02/2020-forensic-4cast-awards-nominations-are-open/
    Forensic Lunch 4/24/20 with the Google IR Team (GRR, Timesketch, Turbinia, DTTimewolf, More!) Apr 24, 2020

    We had a jam packed Forensic Lunch today with a portion of the Google IR team today talking all about the open source tools they develop, use and support in their work at Google.

    Specifically we had :

    • Mikhail Bushkov giving a big update on GRR https://github.com/google/grr
    • Johan Berggren (https://twitter.com/jberggren) and Kristinn Gudjonsson (https://twitter.com/el_killerdwarf) talking about Timesketch and Data science
      • https://github.com/google/timesketch
    • Aaron Peterson (https://twitter.com/aarontpeterson) talking about Turbinia
      • https://github.com/google/turbinia
    • Thomas Chopitea (https://twitter.com/tomchop_) talking about DTTimewolf
      • https://github.com/log2timeline/dftimewolf
    • Theo Giovanna talking about libcloudforensics aka cloudforensicutils
      • https://github.com/google/cloud-forensics-utils/tree/master/libcloudforensics
    • Joachin Metz (https://twitter.com/joachimmetz) - Talking about Plaso, libntfs and Libyal
      • Plaso: https://github.com/log2timeline/plaso
      • Libfsntfs: https://github.com/libyal/libfsntfs
      • Libyal: https://github.com/libyal

    Join them on the Open Source DFIR Slack: https://join-open-source-dfir-slack.herokuapp.com/

    Read more about what they are doing on the Open Source DFIR Blog: https://osdfir.blogspot.com/

    Forensic Lunch 4/17/20 with Zach Wasserman Apr 17, 2020

    Today on the Forensic Lunch we only had one guest, Zach Wasserman, from OSQuery technical steering committee. We only had one guest because we knew we would have so much to talk to Zach about! From OSQuery's future in the linux foundation, Kollide Fleet and other fleet managers to Zach's work at Dactiv, LLC you have alot waiting for you in this weeks broadcast.

    You can reach Zach Wasserman on twitter @TheZachW or Zach can be reached at zach@dactiv.llc if you want to work with him!

    Forensic Lunch 4/10/20 with Belkasoft, AWS IR Automation, MVS DFIRFIT and HTTP Security Headers Apr 15, 2020

    What a great Forensic Lunch today!

    On today's broadcast we had:

    Yuri Gubanov (@belkasoft) giving an update about whats going on at Belkasoft. Including their IOS 13.4 full file system acquisition using Checkm8, their new IR module in Belkasoft Evidence Center and a neat capability to do managed remote logical phone collections.

    Steve Gibson and Spencer Hendee (@stevegibson) from KPMG (disclaimer I work there too!) came on to discuss the really cool AWS Cloud IR Automation we've been working on.

    Brian Moran (@brimorlabs) social media maven and principal of BriMorLabs came on to discuss the Magnet Virtual Summit DFIRFIT 2020 where for a donation (and some excercise) you can get a cool prize pack shipped to you anywhere in the world! Register here: https://mvsdfirfit2020.com

    Caleb Queern (@HttpSecHeaders) also of KPMG came on to discuss the clearsite HTTP header. This was interesting as its a directive a website can give to a browser to tell it to clear/not store history or data about it. This will need to be tested, you can read more here https://w3c.github.io/webappsec-clear-site-data/

    So great stuff this week, you can watch below. Otherwise next week we've already confirmed Zach Wasserman to come and talk about OSQuery and Kollide!

    Forensic Lunch 4/3/20 Apr 15, 2020

    On this episode:

    • Mari Degrazia (@MariDegrazia) discussing her research into WinSCP and later movement, you can read more here: http://az4n6.blogspot.com/2020/02/detecting-laterial-movment-with-winscp.html
    • Hal Pomeranz (@hal_pomeranz) talking about his new Linux Forensics course that you can download here: https://ia801406.us.archive.org/6/items/HalLinuxForensics/HalLinuxForens ics_archive.torrent
    • Alex Levinson (@alexlevinson) Gave an update on the National Collegiate Cyber Defense Competition which as gone all virtual this year
    • Matt Seyer (forensic_matt) talked about our upcoming SANS DFIR presentation and tools he's working on
    • Sarah Edwards (@iamevltwin) gave colorful commentary and meaningful insights
    Forensic Lunch 12/13/19 - CTI Summit Apr 15, 2020

    Live with Rick Holland, Ryan Johnson and Evan Dygert

    Forensic Lunch 10/25/19 - Champlain DFA Defcon DFIR CTF - Martin Korman - Regipy Apr 15, 2020

    The Forensic Lunch!

    This week with the Champlain Digital Forensics Association talking about the Defcon DFIR CTF and Martin Korman talking about his project regipy

    Forensic Lunch 7/19/19 with Alex Levinson Apr 15, 2020

    This week with Alex Levinson from Uber

    Forensic Lunch 5/3/19 CCDC AMA Live Apr 15, 2020

    The Forensic Lunch!

    Sli.do link https://app2.sli.do/event/hzkazryr/live/questions

    This broadcast we are doing a live AMA from Reddit all about the NCCDC Redteam

    Forensic Lunch 4/3/19 Live from MUS 2019 Apr 15, 2020

    The Forensic Lunch!

    Live from the Magnet User Summit 2019!

    Forensic Lunch 3/20/20 - Lance Spitzner and Jessica Hyde Apr 15, 2020

    with Lance Spitzner talking about Sans Live Online, Jessica Hyde talking about the Magnet Virtual Summit

    Forensic Lunch 3/8/19 Eric Zimmerman, Lee Whitfield , Kape, Forensic 4Cast, Nominations Apr 15, 2020

    The Forensic Lunch 3/8/19! The twice a month, usually, podcast/videocast that's all about DFIR This week we have: Eric Zimmerman, talking about KAPE Lee Whitfield, talking about the Forensic 4Cast award nominations

    Forensic Lunch 2/21/20 - Anzac Edition Apr 15, 2020

    Forensic Lunch ANZAC edition with Michael Cohen talking about Velociraptor

    Shanna Daly talking about her work in Australia

    Phil Moore, Nick Klein talking about their new entity and thisweekin4n6

    Forensic Lunch 2/7/20 - Blackbag Update Apr 15, 2020

    Forensic Lunch with Sarah Edwards, Ashley Hernandez , Dr Joe Sylve catching us up with the new combined Celebrite/Blackbag

    Forensic Lunch 2/1/19 Blanche Lagny Amcache DFIR Review Apr 15, 2020

    The Forensic Lunch 2/1/19! The twice a month, usually, podcast/videocast that's all about DFIR This week we have: Blanche Lagny talking about her paper on Amcache The DFIR Review crew talking about .. DFIR Review! crew entails: Jessica Hyde Vico Marziale Brett Shavers Tony Knutson

    Forensic Lunch 1/24/20 - Ryan Benson, Jessica Hyde and Aaron Sparling Apr 15, 2020

    Forensic Lunch! Live with Ryan Benson talking about Unfurl, Jessica Hyde and Aaron Sparling talking about Memory forensics

    Forensic Lunch 1/10/20 with Lee Whitfield Apr 15, 2020

    This week Lee Whitfield joins us to discuss the DFIR Summit and Matt showed us his rust based live windows monitors for DFIR Research

    Forensic Lunch 6/15/18 Jun 15, 2018

    The Forensic Lunch! Live this week with jaco_za who walked us through how he won the Magnet User Summit CTF we built.

    Forensic Lunch 6/8/18 Jun 15, 2018

    Live from the DFIR Summit in Austin, Texas.

    This short episode we had Rob Lee talking about the new Windows Forensics Poster and Lee Whitfield talking about the Forensic 4cast awards.

    Forensic Lunch 5/21/18 May 23, 2018

    Live from the Magnet User Summit in Las Vegas with Jessica Hyde, Heather Mahalik, Jad Saliba, Matthew Seyer and David Cowen

    Forensic Lunch 5/18/18 May 20, 2018

    Live with Jason Jordaan talking about DFIR in South Africa, James Cooksey talking about Belkasoft, Troy Schnack talking about his work and being nominated for Forensicator of the Year, Matthew Seyer and David Cowen

    Forensic Lunch 5/4/18 May 20, 2018

    Live with Maxime Lamothe-Brassard, Nicole Ibrahim, Matthew Seyer and David Cowen talking about ETLs, the SANS DFIR Summit, and Lima Charlie

    Forensic Lunch 4/20/18 May 20, 2018

    Live with Lee Whitfield, Matthew Seyer and David Cowen talking about the Forensic 4Cast award Nominees

    Forensic Lunch: 4/6/18 May 20, 2018

    The Forensic Lunch live with Matthew Seyer and David Cowen talking about how Office saves files and more testing

    Forensic Lunch 3/9/18 May 20, 2018

    Live with Maxim Suhanov (@errno_fail), Matthew Seyer and David Cowen talking about Registry Forensics, Transactional Registry logs and his library YARP

    Forensic Lunch 3/2/18 May 20, 2018

    Live with Eric Zimmerman, Matthew Seyer and David Cowen talking about Registry Explorer and transactional registries

    Forensic Lunch 2/23/18 May 20, 2018

    Live with Phill Moore, Dr. Bradley Schatz, Matthew Seyer and David Cowen talking about This week in forensics and Evimetry

    Forensic Lunch 2/16/18 May 20, 2018

    Live with Ashley Hernandez, Joe Sylve, Matthew Seyer and David Cowen talking about Blacklight and Blackbag

    Forensic Lunch 1/26/18 May 20, 2018

    Forensic Lunch Live with Devon Ackerman, Matthew Seyer and David Cowen. Devon Ackerman presented on Office365 forensics

    Forensic Lunch 1/19/18 May 20, 2018

    Forensic Lunch Live with Lee Whitfield, Matthew Seyer and David Cowen

    Forensic Lunch Test Kicthen 12/7/17 May 20, 2018

    Forensic Lunch Test Kitchen live DFIR testing on 12/7/17

    Forensic Lunch Test Kitchen 12/6/17 May 20, 2018

    Forensic Lunch Test Kitchen live DFIR testing on 12/6/17

    Forensic Lunch Test Kitchen 12/5/17 May 20, 2018

    Forensic Lunch Test Kitchen live DFIR testing on 12/5/17

    Forensic Lunch Test Kitchen 12/4/17 May 20, 2018

    The Forensic Lunch Test Kitchen 12/4/17, live testing of forensic artifacts

    Forensic Lunch 10/17/17 May 20, 2018

    The Forensic Lunch live with Mark Mckinnon, Brian Moran, Brian Carrier and Jessica Hyde

    Forensic Lunch 10/13/17 May 20, 2018

    The Forensic Lunch live with Rebekah Brown

    Forensic Lunch 8/18/17 May 20, 2018

    The Forensic Lunch with Chuck Norris, correlation in Arrango DB and shellbags testing

    Forensic Lunch 8/11/17 May 20, 2018

    Forensic Lunch With Elizabeth Schweinsberg talking about DFRWS

    Forensic Lunch 7/14/17 May 20, 2018

    The Forensic Lunch with Mary Ellen Kennel and Devon Ackerman talking about the AbourDFIR project

    Forensic Lunch 5/26/17 May 18, 2018

    This week Jessica Hyde and Brian Moran joined us talking about their research into Amazon Alexa and Google Home.

    Forensic Lunch 5/25/17 May 18, 2018

    Live From Enfuse Day 3!

    This week with Lesley Carhart, @hacks4pancakes talking about being the very first Women in Technology solving for X award presented by Guidance Software, hacks4kids and her dfir research interests

    Dr. Bradley Shatz, @wirespeed4n6, talking about DFRWS evimetry, aff4 and his new advanced imager

    Ashley Hernandez, @ashleyatencase, talking about all the new things coming from guidance regarding Encase Forensic, Endpoint investigator and mobile acquisition/examiner

    Forensic Lunch 5/24/17 May 18, 2018

    Steve Whalen from Sumuri, Jake Williams from Rendition Infosec and Dmitry Sumin from Passware

    Forensic Lunch 5-23-17 May 17, 2018

    Live with Amber Shroader of Paraben, Matt Bromiley from SANS, Matt Mcfadden Director of training from Opentext/Guidance

    Forensic Lunch 5/19/17 May 19, 2017

    The Forensic Lunch!

    This week we had:

    Cindy Murphy, @CindyMurph

    Matt Linton, @0xMatt

    Ryan Pittman no @ to be had

    talking about how music and forensics goes together and the impact of listening to music on solving technical issues.

    Also Matt and I talked about Enfuse as well as stupid shell item tricks.

    Forensic Lunch 4/28/17 Apr 28, 2017

    Paul Shomo comes on to talk about Guidance Software's new Forensic Artifact Research Program where you can get $5,000 USD just for research you are already doing! Find out more here: https://bugcrowd.com/guidancesoftware?preview=114da7695ff86ae70ec01aaf2c6878b0&utm_campaign=9617-Forensic_artifact-20170426&utm_medium=Email&utm_source=Eloqua

    Phil Hagen introduced the new SANS Network Forensics poster to be released later this month

    Matt Bromiley is talking about the Ken Johnson Scholarship setup by SANS and KPMG you can learn more and apply here https://digital-forensics.sans.org/blog/2017/03/03/ken-johnson-dfir-scholarship

    Phil, Matt, Lee and I talked about the DFIR Summit

    Lee Whitfield and I talked about the 4Cast Awards, Voting is open here: https://forensic4cast.com/forensic-4cast-awards/

    Forensic Lunch 4-7-17 Apr 24, 2017

    This week have:

    Ashley Hernandez from Guidance Software talking about Enfuse

    Nicole Ibrahim from G-C Partners talking about event tracing logs in Windows

    Lee Whitfield summing up the news of the week

    Forensic Lunch 3-24-17 Apr 06, 2017

    This episode we catch up with Lee on the news and talk about current issues in DFIR.

    Forensic Lunch 3/10/17 Apr 06, 2017

    This episode we talk vault 7 leaks with Lee Whitfield, what it means for DFIR and other news as well as DFIR database usage discussions and development updates with Matthew and I.

    Forensic Lunch 2-10-17 Feb 16, 2017

    Michael Louis joins us to talk about how lawyers select and vet experts. Also talks about Toastmasters and how they teach good presentation skills and analogy creation through their program.

    Matt Bromiley is here to announce BBQ Con!

    Forensic Lunch 2-3-17 Feb 16, 2017

    Ryan Benson is here to talk about updates to Hindsight, what he's been up to and his other tool SQUID.

    David Dym came on to talk about FAT32 removable storage and the things OSX does to it.

    Forensic Lunch 1-27-17 Feb 16, 2017

    Lee Whitfield comes on to talk about the Forensic 4Cast awards which are now taking nominations.

    Jonathan Poling came on to talk about his new blog and his work at Secureworks

    Forensic Lunch 1-20-17 Feb 16, 2017

    Friend of the show Eric Zimmerman is back to talk about updates to his tools and research

    Forensic Lunch 12-30-16 Feb 16, 2017

    Davida and I talk about whats new in our research, tools and packages

    Forensic Lunch 11-4-16 Feb 16, 2017

    Michael Gough talking with us about his tool LOG-MD and his work.

    We also go into SRUM again showing new data we can correlate within it.

    Forensic Lunch 10-28-16 Hibernation Recon Feb 16, 2017

    This episodes is all about Hibernation files and Mark Spencer's company Arsenal Consulting research into it that led to the creation of a new tool called Hibernation Recon.

    Forensic Lunch 10-26-16 Live from OSDFCon Feb 16, 2017

    Live broadcast from OSDF Con 2016

    Talking about DCITA, Autopsy and the academic program that Mark McKinnon is running at Davenport.

    Sorry about the audio on this one, we had a bad upstream.

    Forensic Lunch 9 23 16 Sep 23, 2016

    The forensic lunch! The twice a month live videocast/podcast all about #DFIR This episode we have: Bradley Schatz of Shatz Forensics and Evimetry, @blschatz, talking about his amazing new toolset Evimetry. Watch this first segment to learn more about AFF4, imaging bottlenecks and how his toolset can allow faster imaging locally, remotely and in cloud while doing a bunch of other really cool stuff! Learn more about his toolset here: http://evimetry.com/ Scott Wahlstrom of KPMG, @wahlstros, came on to talk about the deployable mobile forensic GoKits KPMG has been testing and using in the field. Cool stuff here if you ever wonder how you can bring an entire analysis lab to a data center for a week. Lastly Matt and I talk about whats new in Windows 10 Forensics with the following artifacts covered: Lnk Files Recent Docs Shell bags and Jumplists Watch a couple times to really understand the impact this will have on your investigations!

    Forensic Lunch 9-2-16 Sep 02, 2016

    The Forensic Lunch! The videocast/livecast/podcast all about #DFIR!

    This week we have Eric Zimmerman talking about the work he did speed and scale testing Encase, FTK and X-ways.

    Also Matthew and I talking about our newest tool BitRocker which will expose which recovery keys will unlock a bitlocker encrypted volume. Get our newest tool BitRocker here: https://www.gettriforce.com/product/bitrocker-bitlocker-recovery-key-identifier/ Read Eric's testing here: https://binaryforay.blogspot.com/2016/09/let-benchmarks-hit-floor-autopsy-vs.html

    Forensic Lunch 8-26-16 Sep 02, 2016

    The Forensic Lunch! The twice a month live videocast/podcast all about #DFIR! This broadcast is all about running an isolated virtual network on Intels newest NUC, the Skull Canyon. Watch the video to see us demonstrate running 5 vms in an isolated virtual network on a small, fast and low powered portable system. You can get the Intel NUC Skull Canyon at amazon here: https://smile.amazon.com/Intel-NUC-Ki... or at your local Microcenter or Fry's This is the M.2 NVME SSD Drive I'm using to get 2GB/s reads and 1.5GB/s writes: https://smile.amazon.com/Samsung-950-... This is the memory I used: https://smile.amazon.com/Crucial-16GB... Here is the link to the free version of ESXI v6: https://my.vmware.com/en/web/vmware/e... Expect a blog post where I go through the process

    Forensic20Lunch208-12-16 Aug 16, 2016

    The Forensic Lunch! The twice a month live videocast/podcast all about #DFIR !\ This broadcast: Matt Bromiley, +Matt Bromiley talking about filters he has made for Elastic Handler and work Talking about the 1st Annual Defcon Forensic CTF Updates to EventMonkey to work with EVTXtract from Willi Ballenthin and bringing in descriptions and more! Download the Defcon Forensics CTF Here: https://forum.defcon.org/forum/defcon... The password to extract: ,sli38pdsf;aj8387f*HKlnelne7fy7GUHMBNWlo9udsijw_kn3ohfsa8y^%%T Submit your answers here: whymirosh@gmail.com Link to event monkey: https://github.com/devgc/EventMonkey

    Forensic Lunch 7/29/16 Jul 29, 2016

    It's the Forensic Lunch! The twice a month live videocast/podcast all about DFIR This episode's guests: Phil Hagen Eric Zimmerman Links: - Twitter: @SOF_ELK - Config/code repo: http://for572.com/sof-elk-git - VM readme (w/ instructions and download link):

    Forensic Lunch 7/15/16 Jul 15, 2016

    It's the Forensic Lunch! The twice monthly videocast/podcast just about #DFIR join us as we talk about whats new and what new things you can do! This broadcast we are taking the time to update you on our own tools. We talked about: Pancake Viewer, an open source tool to visually explore forensic images and shadow copies (like an open source ftk imager), https://github.com/forensicmatt/PancakeViewer Event Monkey, an open source and multi threaded event log parser that outputs to sqlite and ElasticSearch, https://github.com/devgc/EventMonkey Event Monkey Monitor, a tool we are working on releasing that lets you monitor event logs in real time pytskUSBDeviceForensics, a version of WoanWare's USB Device Forensics program that allows you to feed in images, https://github.com/woanware/usbdeviceforensics/blob/master/pyTskusbdeviceforensics.py

    Forensic Lunch live from Enfuse Day 2 Jul 13, 2016

    This episode is live from Enfuse with

    Jake Williams and Heather Mahalik

    Paul Shomo of Guidance Software

    Ashley Hernandez of Guidance Software

    Jeff Hedlesky of Guidance Software

    Forensic Lunch live from Enfuse Day 1 Jul 13, 2016

    Forensic Lunch live from EnFuse with Rob Batzloff talking about Encase 8, and James Wiebe talking about new advancements at CRU

    Forensic Lunch 4/29/16 Ladies Edition Apr 29, 2016

    The Forensic Lunch! A special episode hosted by Nicole Ibrahim and featuring in no particular order: Mari Degrazia Cindy Murphy Heather Mahalik Sarah Edwards Shelly Giesbrecht

    Forensic Lunch 4/8/16 with Jared Atkinson Apr 08, 2016

    The forensic lunch!The one hour, mostly, DFIR videocast/podcastThis weeks guest:Jared Atkinson,@jaredcatkinson, talking about about DFIR in powershell or as he calls his toolset PowerForensicsWhat a great Forensic Lunch today with Jared Atkinson talking all about how to do forensics on a live system or mounted image with his Powershell framework PowerForensics.You can grab your own copy of PowerForensics on Github here:https://github.com/Invoke-IR/PowerForensicsRead his Blog here:www.invoke-ir.comVote for him in the Forensic4Cast Awards here:https://forensic4cast.com/forensic-4cast-awards/Reminder I'm up for voting in another category as well!and of course you can follow him on Twitter here:https://twitter.com/jaredcatkinsonBtw, if you want to learn Windows Forensic with me I'm schedule to teach SANS FOR408 Windows Forensics in Houston May 9-14. You can find out more here:https://www.sans.org/event/houston-2016/course/windows-forensic-analysis

    Forensic Lunch 3/25/16 Mar 28, 2016

    The Forensic Lunch!The one hour, mostly, videocast/podcast all about DFIR.This weeks guests:Maxime Lamothe-Brassard of Refraction Point talking about his project Lima Charlie https://github.com/refractionPOINT/li...Ryan Nolette, Security Operations Lead at Carbon Black, talking about all of the ransomware variants he's been seeing and how shadow copies are affectedUs talking about how different tools deal with shadow copies and accessing deleted shadow copies

    Forensic Lunch 3/11/16 Mar 17, 2016

    It's the forensic lunch!

    This broadcast James and I go through the results of our testing of different file carving tools:

    X-Ways Forensics

    Bulk Extractor

    Blade

    Blackbag Blacklight

    Forensic Lunch 2/26/16 with BlackBag Tech Feb 27, 2016

    It's the Forensic Lunch! The one hour, mostly, videocast/podcast all about DFIR! This weeks guests:Austin Colby, Joe Sylve and Vico Marziale from Black Bag talking about the newest additions to the new version coming out in a matter of days.

    Forensic Lunch 1/22/16 Jan 22, 2016

    The Forensic Lunch!The 1 hour, usually, videocast/podcast that brings you the latest in new DFIR research, topics and people. This weeks guests:Hal Pomeranz,@hal_pomeranz, of Deer Run associates talking about updates to his Linux Memory Grabber and some research into bash_history behavior.You can get the linux memory grabber he discussed here https://github.com/halpomeranz/lmgHal can be reached at hal@deer-run.comEric Zimmerman,@EricRZimmerman, of Kroll's cyber security practice talking about prefetch and explaining his tool to get more, as well as whats new in Windows 10 prefetchYou can get Eric's prefetch parser here: https://github.com/EricZimmerman/Prefetchhttp://www.kroll.com/en-us/who-we-are/kroll-experts/eric-zimmermanMatthew and I showing how to use the hfs+ journal parser and what to do with itYou can get the HFS+ Journal parser here: https://www.gettriforce.com/product/hfs-journal-parser/

    Forenisc Lunch 1-8-16 Jan 08, 2016

    The first new lunch of the new year withSarah Holmes of the Foreman project (Open Source DFIR Matter Management), You can get a copy (and contribute to!) foreman here:https://bitbucket.org/lowmanio/foreman/You can contact Sarah here: sarah@lowmanio.co.ukMichael Robinson of the Black T-Shirt Cyber Forensics Challenge talking about well the Black T-Shirt Cyber Forensics ChallengeYou can join the Black T-Shirt Cyber Forensics Challenge here:http://cyberforensicschallenge.com/You can contact them at cyberforensicschallenge@gmail.comOur FSEvents tool will be released just as soon as we write documentation for it. Want an early release for testing? Email me dcowen@g-cpartners.com

    Forensic Lunch 11/20/15 Live from Google! Nov 23, 2015

    Forensic Lunch!

    This episode we are live from Google in Mountain View, California getting an update on their development projects.

    Included are:

    LibYAL

    Forensic Artifact project

    GRR (Google Rapid Response)

    Rekall memory analysis platform

    Plaso

    Timesketch and more!

    Forensic Lunch 11/13/15 Nov 23, 2015

    Forensic Lunch!This weeks guests:Andrew Case,@attrc, from the Volatility Project talking about Volatility 2.5, new plugins and the winners of this years Volatility Plugin ContestYogesh Kahtri, from Champlain, talking about SRUM forensics in Windows 8.1+. A truly amazing new artifact Matt and I talking about our new open source tool Elastic Handler

    Forensic Lunch 10/28/15 - Live from OSDFCon Nov 02, 2015

    The Forensic Lunch!

    In this episode we are broadcasting live from OSDFCon with the following content:

    1. A revised set of rules from our popular forensic game. This time we follow $10,000 pyramid rules to see which of two forensic teams can win!

    2. Brian Carrier from Basis Technology talking about whats new Autopsy 4.0

    3. Rob Fry from Netflix talking about their new open source framework called Fido and hanging with Kevin Spacey

    4. Matthew and I talking about our new automation, normalization and correlation framework ElasticHandler

    Forensic Lunch 10/9/15 with Dave Hawkins, Chris Pavan and James Habben Oct 15, 2015

    This week on the forensic lunch we have:

    Dave Hawkins talking about his firms currently unbeaten contest, lampbash.work

    Chris Pavan, talking about his computer forensics program at Cal State Fullerton and his work in IR at Bechtel

    James Habben talking about his web based front end to volatility called eVOLVe and all the cool things you can do with it

    Forensic Lunch 9/25/15 with Mari Degrazia, Lee Whitfield and Suzanne Widdup Oct 15, 2015

    This broadcast we have:

    Mari Degrazia talking about testing MFT parsers and what goes into them.

    Lee Whitfield talking about the events of the week

    Suzanne Widdup talking about her work on the Verizon DBIR and a solicitation for your involvement

    A talk about Cortana's location tracking storage

    Forensic Lunch 5-19-15 Live from CEIC Day 1 Sep 14, 2015

    Live from CEIC with Michael Robinson, Ronald Clark and more!

    Forensic Lunch 8-21-15 Sep 14, 2015

    In this episode:We discuss the Ashley Madison Data Leak and it's implications for DFIRDavid Dym, @dave873, talks about the newest version of Metadiver and it's ability to show even more metadata, including the contents of pst files and extended mapi!Get it at: www.easymetadata.comMatthew and I talk about our new open source project GC LNK Parser which exposes all of the shell item data we didn't know was there! (Except Joachim Metz) We also preview our integration of our tools to Elastic Search, a preview of our OSDF Con talk and a short talk about things to come in Triforce. Also SANS FOR578, Cyber Threat Intelligence, is now available publicly! Learn more about it here:https://www.sans.org/course/cyber-thr...The SANS Poster on Rekall Memory forensics is out as well and you can get it here: https://www.sans.org/security-resourc...

    Forensic Lunch 7-8-15 live from SANS DFIR Sep 14, 2015

    In this episode recorded in front of a live audience:Our first game of Forensic PassphraseVitaliy Mokosiy of Atola talking about Atola Insight Forensic and its cool direct firmware controlsBrain Carrier of Basis Technology talking about Autopsy 3, Plugin development with Python and OSDF ConBrian Moran of BriMor Labs talking about his live response scripts and new trends in attacker activities

    Forensic Lunch 7-3-15 Sep 14, 2015

    Freedom Edition!Join Matt and I and current guests:Eric Zimmerman, talking deleted registry key analysis and new features in Registry Explorer and more!

    You can get the #DFIRSummit release here: https://www.dropbox.com/s/s7doopqpwxz...

    Forensic Lunch 6-12-15 Sep 14, 2015

    Guests are Matt Bromiley

    Dimitry from Bocasoft

    Forensic Lunch 5-20-15 CEIC Day 2 Sep 14, 2015

    Live from CEIC. Ben LeMere from Berla, Jeff the Product Evanglist from Guidance Software, Amber Shroader from Paraben, and more!

    Forensic Lunch 4-22-15 Sep 14, 2015

    The you should have filed your taxes edition!This week is all about the Forensic 4cast awards. We cover all of the nominees and make our official votes.

    Forensic Lunch 4-3-15 Sep 14, 2015

    The thank goodness April Fools day is over editionGuests this week:Devon Kerr talking about his work at Mandiant/Fireeye and his research into WMI for both IR and attacker usage.You can email Devon here: devon.kerr@mandiant.comand you can follow him on twitter here: https://twitter.com/_devonkerr_Get cool tools from the Mandiant github here: https://github.com/mandiantWatch Devon talk more about WMI and IR at the SANS DFIR Summit: http://dfir.to/1BvOw7G Matthew and I going into the Automating DFIR series and our upcoming talk at CEICWe are on the CEIC agenda here:https://www.guidancesoftware.com/ceic...

    Forensic Lunch 3-20-15 Sep 14, 2015

    We had another great Forensic Lunch! This broadcast we had:James Carder of the Mayo Clinic, @carderjames, talking all about automating your response process to separate the random attacks from sophisticated attacks. You can hear James talk about this and much more at the SANS DFIR Summit where he'll be a panelist! If you want to work with James Mayo Clinic is hiring.Mayo Clinic Infosec and IR Jobs: http://www.mayo-clinic-jobs.com/go/in...Contact James Carder: carder.james@mayo.eduSpecial Agent Eric Zimmerman of the FBI, @EricRZimmerman , talking about his upcoming in depth Shellbags talk at the SANS DFIR Summit as well as his new tool called Registry Explorer. RE and Eric's research into windows registries will be continued in the next broadcast. Whether you are interested in registries from a research, academic or investigative perspective this is a must see, and FREE, tool!Eric's Blog: http://binaryforay.blogspot.com/Eric's Github:https://github.com/EricZimmermanRegistry Explorer: http://binaryforay.blogspot.com/p/sof...

    Forensic Lunch 2-27-15 Sep 14, 2015

    Guests this broadcast:Ben LeMere of Berla talking about Vehicle Forensics, Embedded Systems, Cam bus networks and all the fun he's been having with doing forensics on car entertainment systems. You may be very surprised but what he has to say!Lee Whitfield talking about Superfish, what happened and what you need to know. Robin Keir of Crowdstrike talking about his research and role at Crowdstrike, specifically Superfetch and CrowdResponseShow linksBen LeMereWebsite: http://Berla.coTwitter: @BenLeMereLee WhitfieldForensic 4cast Award Nominations:https://forensic4cast.com/forensic-4c...Twitter: @lee_whitfieldRobin KeirWebsite: http://www.crowdstrike.com/Crowd Response:http://www.crowdstrike.com/community-...Twitter: @RobinKeir

    Forensic Lunch 11-28-14 Sep 14, 2015

    The after Thanksgiving Hangover edition:

    This week we had Eric Zimmerman, @ericrzimmerman, talking about Shellbags, his tool Shellbag explorer and our research into new things we can determine from them.

    Forensic Lunch 2-21-14 Sep 14, 2015

    We had an interesting Forensic Lunch today with:Rob Fuller, @mubix, talking about his new project, project mentor http://www.projectmentor.net/ where Rob is offering to help mentor you into developing the real technical skills in infosec and dfir to get into the industry and other noble aspirations.David Dym, @dave873, talking about the latest version of Metadiver which is available to download at http://www.easymetadata.com/wp/ which can crawl a directory and pull out all the metadata it can find into xls, json, xml and other formats. He also makes shadowkit.Kevin Stokes talking about how to extend and expand our USB Multiboot Dongle, you can download the dongle image here: https://mega.co.nz/#!i45WhQya!SQILk0T...Zoltan Szabo, talking about his stance on Digital Forensics as a science.You can email him at zoltandfw@gmail.com if you want to give your feedback to his opinions.

    Forensic Lunch 12-13-13 Sep 14, 2015

    This week with:Yogesh Kahtri talking about his Windows 8 registry forensics research (You can read it here http://www.swiftforensics.com/ and email him yogesh@swiftforensics.com)

    Dan Pullega talking about his extensive research into Windows Shellbags (http://www.4n6k.com/2013/12/shellbags... and email Dan at dan.pullega@gmail.com)

    David Dym talking about his new tool MetaDiver (You can download it here http://www.easymetadata.com/wp/)

    and Matthew and myself talking about v3 of ANJP and demoing the auto detection of CD Burning.

    Forensic Lunch 12-6-13 Sep 14, 2015

    Robert Haist, talking about his research with page_brute in recovering command execution and other fun things from the pagefile, read his blog about it here: http://blog.roberthaist.com/2013/12/r...Amber Shroader, talking about Device Seizure 6.5 and a great discussion on what happens behind the scenes in your mobile forensics tools as well as the future of cloud phone data acquisition. You can find out more about Device Seizure here: http://www.paraben.com/device-seizure...

    Joakim Schicht, discussing his tools and research, including how he approaches these projects and develops them. You can find his google code repository here: http://code.google.com/p/mft2csv/ with all the tools mentioned today and more!

      Related Podcasts

      Strike Force Five

      1

      Strike Force Five Entertainment News
      Sleepwalkers

      2

      Sleepwalkers News
      The Full Ratchet (TFR): Venture Capital and Startup Investing Demystified

      3

      The Full Ratchet (TFR): Venture Capital and Startup Investing Demystified Business
      The Omni Show

      4

      The Omni Show News
      The Home Front

      5

      The Home Front News
      Impolitic with John Heilemann

      6

      Impolitic with John Heilemann Arts
      footer-logo

      Contact Us

      Toll Free: 844-670-7747

      Links

      • Home
      • Top Charts
      • Networks
      • Apps
      • Independents Podcasts
      • Podcast Advertising
      • Podcast News
      • Contact Us
      • About Us
      • Analytics & Insights

      Stay Connected

        Privacy, Terms of Use & Our Code of Ethics Protecting Content Creators Copyrights