Agenda 2015
| Auditorium | ||||
|---|---|---|---|---|
| 8:30 - 9:00 | Welcome coffee | |||
| 9:00 - 9:10 | Welcome & Introduction | |||
| 9:10 - 10:00 | Keynote: The Illusion of Closed Platform Security | |||
| 10:00 - 10:30 | Break | |||
| 10:30 - 11:30 | Keynote: Cyber Threats, Cyber Risks and what it should tell us | |||
| 11:30 - 13:00 | Lunch | |||
| Auditorium | Trophy/Mascot | Uetliberg | ||
| 13:00 - 13:45 | Efficient Decryption and Cloud Forensics | Getting the most out of EnCase Forensic v7 | iOS9 and El Capitan | |
| 14:00 - 14:45 | Bringing Context And Collaboration To Your Digital Review Process | Addressing Solid State Drive (SSD) forensic acquisition challenges | More Brutto than Netto - Active Archive platform for IT-forensics | |
| 15:00 - 15:45 | Accelerating investigations with data from the cloud | Analysis of deleted data | ||
| 16:00 - 16:45 | Cybersecurity attacks – Harness Intelligence & Relationships to Find Answers | Advanced Digital Forensic Techniques | ||
| 16:45 - 17:15 | Happy hour sponsored by Stroz Friedberg | |||
| Description | |
|---|---|
| Keynote 1 (Auditorium) |
The Illusion of Closed Platform Security Speaker: Pierre Roberge, CEO, Arc4dia [read more...] Session description Current smartphones and tablets mostly rely on 'closed platform security' to prevent applications from having access to the entire system. This, in itself is an improvement to previous traditional systems such as we see with our desktops/laptops. However, preventing selected security applications from accessing the system entirely, is in Pierre’s opinion, a major error. Without the means to employ additional monitoring capabilities, we are left to blindly trust that our smartphones and tablets have not been compromised by advanced malware. How will we detect hidden malware on a system with 'closed platform security' - a platform that provides the perfect blind spot in which to hide? In his presentation, Pierre will try to demonstrate that our trust is blind. That, yes we have raised the cost of malware development, but not enough to avoid it. |
| Keynote 2 (Auditorium) |
Cyber Threats, Cyber Risks and what it should tell us Speaker: Marc Henauer, Head of Unit, MELANI (Reporting and Analysis Centre for Information Assurance) Session description Information and Communication Technologies developed rapidly over the last decade. However, the opportunities, which come with that evolution also bear challenges. Criminal actions can be committed from about every angle of the globe. And often, technical solutions to increase security cannot keep up, with an ever evolving threat landscape. The presentation will shed some light on the actual threat and (new) ways of tackling the problem of cyber risks originating from the increasing use of ICT for any given business process. It will focus mainly on the following points: - The mechanics and behind attacks - The threat actors - The pardigm shift away from IT Security towards Information Assurance |
| 13:00 - 13:45 (Auditorium) |
Efficient Decryption and Cloud Forensics Speaker: Nataly Koukoushkina, Marketing Manager, Passware Session description Documents, mobile devices, hard drives, cloud - where else could encrypted evidence reside? This workshop covers efficient methods to decrypt it, including live memory analysis and data acquisition from Cloud services. |
| 13:00 - 13:45 (Trophy/Mascot) |
Getting the most out of EnCase Forensic v7 Speaker: Steve Gregory, Forensic Solutions Specialist, Guidance Software Session description This session will help examiners using EnCase Forensic v7 Paswwork smarter by presenting simple functions they may have overlooked or may have never known existed. |
| 13:00 - 13:45 (Uetliberg) |
iOS9 and El Capitan Speaker: Stuart Hutchinson, Forensic Analyst and Instructor, Black Bag Technology Session description Implications for your Investigations. |
| 14:00 - 14:45 (Auditorium) |
Bringing Context And Collaboration To Your Digital Review Process Speaker: Speaker: Carl Barron, Senior Solutions Consultant, Nuix Session description Most forensic investigations see a large volume and variety of digital devices as evidence in each case and the web of interactions between them are a major priority for today’s investigators. In this session, find out how to apply contextual analytics to all your digital device evidence at once – enabling you to see the bigger picture and identify the evidence links between them. You will also learn how to use Nuix Web Review and Analytics to collaborate and share the evidence and findings with all the technical and non-technical investigators involved in the case. |
| 14:00 - 14:45 (Trophy/Mascot) |
Addressing Solid State Drive (SSD) forensic acquisition challenges Speaker: Steve Gregory, Forensic Solutions Specialist, Guidance Software Session description This session will help you understand the rapidly evolving SSD landscape and addresses data acquisition challenges forensic examiners are faced with. |
| 14:00 - 14:45 (Uetliberg) |
More Brutto than Netto - Active Archive platform for IT-forensics Speaker: Christof Zihlmann, Founder and CEO, Q5 Session description This innovativ storage platform stops the data explosion, guarantees security, improves efficiency and on top of that: it reduces the storage costs. |
| 15:00 - 15:45 (Auditorium) |
Accelerating investigations with data from the cloud Speaker: Joachim Müller, Cellebrite Session description Mobile susbscriber’s first choice for communication today is social media. The extensive use of those apps creates a wealth of actionable data for investigators of all fields. Such data can be found not only on mobile devices, but – via the Cloud - also on the connected servers. UFED Cloud Analyzer gives investigators quick access to private user data, with or without consent of the suspect. With UFED Link Analysis, investigators can find relationships between suspects and thereby generate investigation leads quickly. Although simple and intuitive to use, Link Analysis can handle all mobile data including apps and locations, as well as provider data and data from the cloud. Learn how Cellebrite’s UFED Link Analysis and UFED Cloud Analyzer will enhance and accelerate your investigations! |
| 15:00 - 15:45 (Trophy/Mascot) |
Analysis of deleted data Speaker: Roman Locher, CTO, Arina AG Session description Deleted data exists on pretty much any storage device. Usually the operation system and the running processes are responsible for generating the majority of deleted files on a system. But if deleted objects have been caused through user action, we can expect that the content of those files might be interesting for our investigation. We will show you which different types of deleted data exist, how they are created and what recovery techniques in forensics products are available today. |
| 15:00 - 15:45 (Uetliberg) |
|
| 16:00 - 16:45 (Auditorium) |
Cybersecurity attacks – Harness Intelligence & Relationships to Find Answers
Speaker: Carl Barron, Senior Solutions Consultant, Nuix Session description This session will explain and demonstrate how advanced technology can help harness the power of intelligence and relationships to investigate cyber attacks. |
| 16:00 - 16:45 (Trophy/Mascot) |
Advanced Digital Forensic Techniques
Speaker: Edouard Forler, Team Leader – Forensic and Legal Analyses, Kudelski Security Session description In this talk, we will present some of the techniques that we have developed and used internally during the last ten years to extract data from various kinds of digital devices and media. Starting with some historical context of the company, we will present an overview of the software and hardware approaches we have developed to extract data from embedded, proprietary, broken and obsolete devices, approaches including chip-off, uncapping and rebonding, bus man-in-the-middle and JTAG – Techniques that we leverage today to offer advanced digital forensics services to external customers. |
| 16:00 - 16:45 (Uetliberg) |
|
Back to top