I had the opportunity to speak at the 5th SANS DFIR Summit last week in Austin on "Why Not to Stay in your lane as a Digital Forensic Examiner". Slides can be found here. This was the best conference I have attended to date, especially with regards to the sense of community felt amongst attendees. Thanks to everyone who attended for making it a great experience. And thanks to Rob Lee for inviting me to be part of an impressive group of speakers. Not every digital forensic examiner has the opportunity to take a hiatus from casework and switch to the offensive side, like I have had, and I really appreciate being given the "airtime" to talk about what I have learned from the experience.
Notable presenters included Cindy Murphy for her keynote the first day and her excellent 360 (6 minute) presentation and David Nides, KPMG, who was absolutely amazing in his 360, debuting his GUI frontend to log2timeline. Nick Harbour, CrowdStrike, my new idol!, presented "Anti-Incident Response" and provided great insight into evasion tactics used to foil today's IR processes. There were so many great presentations - I apologize for not mentioning everyone's here, but I had to head out early on Wednesday to return to work. From what I heard, there were some amazing "end of summit" sessions that contained great technical content and were perhaps accompanied by chirping crickets! Sorry to have missed that and I hope next year's summit is just as fun!
