SANS DFIR Webcast - IP Theft Collecting Artifact Evidence from the Cloud and Mobile
Author: SANS Digital Forensics and Incident Response
337 View
0m 0s Lenght
0 Rating
Overview Every organization has valuable information that they want to protect. Preventing that information from walking out the front door has become increasingly difficult with mobile devices and cloud based storage solutions. DLP and prevention based tools are helpful but they will never eliminate all exit points in an organization. There will always be a need to investigate those circumstances when prevention fails. When investigating an intellectual property (IP) theft case, a strong understanding of how IP data can be stolen is essential-without that knowledge, how do you know if you are finding all possible evidence? The number of applications for mobile devices and PCs is growing by the minute and it is impossible for an examiner to keep up with all the potential artifacts. Employees are the main source of IP theft for most organizations. This webinar will walk you through an IP theft case study, investigating many of the common methods and artifacts that an internal employee might use to steal valuable data from your organization, including mobile devices and cloud storage artifacts. Join Heather Mahalik from SANS who will discuss the challenges of investigating an IP theft case with the emergence of BYOD and cloud storage providers in the enterprise space, followed by Jad Saliba and Jamie McQuaid of Magnet Forensics who will present a case study to demonstrate the tactics and tools used to collect mobile and cloud storage evidence as it relates to IP theft using Internet Evidence Finder (IEF). Speaker Bios Heather Mahalik Heather Mahalik is leading the forensic effort for Ocean's Edge as a project manager. Heather's extensive experience in digital forensics began in 2003. She is currently a certified instructor for the SANS Institute and is the course lead for FOR585: Advanced Smartphone Forensics. Most of Heather's experience includes: Smartphone forensics: including acquisition, analysis, vulnerability discovery, malware analysis, application reverse engineering, and manual decoding Forensic instruction on mobile, smartphone, computer and Mac forensics in support of the U.S. Government, LE, and commercial level Co-author of Practical Mobile Forensics, currently a best seller from Pack't Publishing Technical editor for Learning Android Forensics from Pack't Publishing Previously, Heather led the mobile device team for Basis Technology, where she focused on mobile device exploitation in support of the U.S. Government. She also worked as a forensic examiner at Stroz Friedberg and the U.S. State Department Computer Investigations and Forensics Lab, where she focused her efforts on high profiles cases. Heather maintains www.smarterforensics.com where she blogs and hosts work from the digital forensics community. Jad Saliba Jad Saliba, Founder and CTO of Magnet Forensics, is a former digital forensics investigator who left policing in 2011 to devote all of his time to researching new methods of recovering and analyzing all types of evidence for digital forensics investigations. He has since dedicated his efforts to building Magnet Forensics and developing Internet Evidence Finder (IEF) into a thorough and easy-to-use software solution that recovers Internet-related artifacts from computers, smartphones and tablets. Jad is a recognized digital forensics speaker at industry events including: CEIC, Crimes Against Children Conference, EuroForensics, F3, HTCIA, ICDDF, SANS, and the Canadian Police College. Jad served as a police officer for the Waterloo Regional Police Service for seven years and holds a Diploma in Computer Science and Network Security from Mohawk College (Hamilton, Canada). Jamie McQuaid Jamie McQuaid CISSP, EnCE is a forensics investigator with a background in corporate investigations spanning various industries from telecommunications to financial services and manufacturing. His responsibilities included conducting both forensic and physical investigations as well as incident response globally across the organization. McQuaid is currently a forensics consultant at Magnet Forensics where he assists in the development of Internet Evidence Finder (IEF) and provides skilled support to customers with his combined knowledge of IEF and digital forensics. He holds an Advanced Diploma in Computer Security and Investigations from Fleming College and an Honours B.A. from the University of Toronto.