2020-05-15, 10:00–13:00, Workshop Track 1
Learn how to apply the best forensics tool (spoiler: it's your brain!) to solve a mock insider threat investigation.
What do Desjardins, Apple, Yahoo!, and the NSA have in common? They’ve all been in the public eye for incidents spawned by insiders. Insiders' everyday activity requires legitimate use of their knowledge of, and access to, their employer's systems and data. So how can we distinguish between legitimate use of an employer's resources, and use that poses a threat to the organization or those it serves? This workshop introduces attendees to the methodology behind effective digital forensics investigations. Attendees will learn how to apply the best forensics tool (spoiler: it's your brain!) to solve a mock insider threat investigation. The workshop will introduce investigative methodology, core forensics topics, and key free and open source tools to leverage in their investigation.