Alissa Torres · Apr 10, 2015 · 2:49 PM UTC

Alissa Torres @sibertor

10 Apr 2015

If you had 90 minutes to deliver "Foundations in Digital Forensics" to infosec professionals, what would you include? #DFIR

Hal Pomeranz · Apr 10, 2015 · 2:52 PM UTC

Hal Pomeranz @hal_pomeranz

10 Apr 2015

@sibertor "Hire a professional. Don't f--- with s--- on your own." Eh, I suppose that's not what they want to hear.

Alissa Torres · Apr 10, 2015 · 3:00 PM UTC

Alissa Torres @sibertor

10 Apr 2015

@hal_pomeranz I like that! I can soften the message a bit ;P but addressing the "brittleness of forensic artifacts" is a great idea!

Hal Pomeranz · Apr 10, 2015 · 3:18 PM UTC

Hal Pomeranz · Apr 10, 2015 · 3:18 PM UTC

Hal Pomeranz @hal_pomeranz

10 Apr 2015

Replying to @sibertor

@sibertor Maybe also, "Capture memory before you turn it off!"

Apr 10, 2015 · 3:18 PM UTC

@steve@mastohack.com · Apr 10, 2015 · 3:21 PM UTC

@steve@mastohack.com @stevegibson

10 Apr 2015

@hal_pomeranz @sibertor I guess my live linux boot CD with kik-rad ram dump tool isn’t going to be all that useful after all. ;-)