Tuesday, July 16, 2013

Volatility News

Things have been busy lately, but I want to let you know about some important items that are coming up quickly:

July 27-30th, 2013: Blackhat Vegas


Andrew Case and I will teach our course in Digital Forensics and Incident Response again this summer at Black Hat Vegas.  This course will cover enough material to take someone from knowing practically nothing about digital forensics (disk and memory) to a point where s/he can comfortably conduct his/her own investigations.  There is limited time to sign up, so reserve your seat while you can!

You can hear Andrew talk about Digital Forensics and Incident Response on the Healthy Paranoia podcast from July 7th, 2013.

August 1st, 2013: Volatility Plugin Contest


The 1st Annual Volatility Plugin Contest deadline is quickly approaching!   Don't miss this opportunity to win over $2000 in cash and prizes and contribute to the top memory forensics framework by writing a plugin for the Volatility Framework and submitting it to volcon2013@memoryanalysis.net by August 1st, 2013.

September 9-13th, 2013: Volatility Training in the Netherlands


We will have our 4th public offering of our official Windows Malware and Memory Forensics training in the Netherlands September 9-13, 2013.  This will be our only offering outside the US for this year.  Past offerings of our course have been well received and were recently described as the "... perfect combination of incident response, malware analysis and Windows internals."  Don't miss out on your chance to take this course and learn not only how to become a Volatility superuser, but how to apply cutting edge memory and malware analysis methodologies against your worst adversary.

November 4th, 2013: Open Memory Forensics Workshop (OMFW)


The Open Memory Forensics Workshop (OMFW) call for papers has been announced.  If you want to give a talk on memory forensics related topics, please get your submission in by September 1st, 2013.  OMFW is a half-day workshop that will be held one day prior to the Open Source Digital Forensics Conference in Chantilly, VA.  This workshop is fast-paced, to the point, highly technical and intended to raise the bar for analysts who realize the importance of memory forensics when faced with a highly skilled adversary.  Not only will you learn a lot and get to meet all the movers and shakers in the space, but your $50 registration fee is entirely donated to charity!  Last year all proceeds went to the National Center for Missing and Exploited Children.  So don't delay: there really is limited seating and it does go quickly.  Make sure to register your seat now!

November 5th, 2013: Open Source Digital Forensics Conference


The Volatility team will be at the Open Source Digital Forensics Conference discussing The State of Volatility.  Come by and see us there :-)

November 11-15th, 2013: Volatility Training in Reston, VA


We will have our 5th public offering of the official Windows Malware and Memory Forensics training in Reston, VA November 11-15th, 2013.  If you missed the last offering in June, this is your chance to take this course and learn from the developers themselves.  As I've stated before, this class includes real-world scenarios that are reinforced with hands-on labs.  We cover more than "just one tool" as some detractors like to say.  We cover methodologies that will actually help you where some tools fail.  You will have a deep enough understanding to investigate even the most skilled adversaries who know how to break common tools in order to hide.  Don't be fooled and don't be left behind.  Accept no imitations and make sure to take this class.

All students who take the official Volatility training receive a certificate of completion, with CPE credits that can be used for certification renewal.  In addition to this, we are constantly updating the course with new material and past students are given updated materials for FREE.  What more can you ask for?  If you are interested in Volatility training, drop us a line at voltraining [[ at ]] memoryanalysis.net

If you want to see co-trainers MHL and Andrew Case (attrc) in action, I managed to find a couple of videos of their previous talks on youtube: