Summer Forensic Workshop (Live onsite – Huntington, WV) – July 2024

3-day  Advanced Workshop

Day 1 Overview

Windows 11 Forensic Update

In this one-day workshop you will be exposed to the latest advancements in digital forensics within the Microsoft Windows® 11 Operating System. This specialized day delves into the newest forensic artifacts, updated system configurations, and enhanced analysis techniques tailored for Windows 11 environments.

Throughout the day, participants will navigate through a comprehensive review of Windows 11 features, dissecting updated artifacts and exploring novel user data locations. Dive deep into the analysis of new virtualized applications, gaining invaluable insights into the evolving landscape of digital investigation on Windows 11.

Highlighted topics include the examination of traditional artifacts such as, OneDrive, BitLocker and SandBox environments, alongside an exploration of application artifacts specifically tailored for Windows 11. Participants will gain invaluable insights into the modifications and enhancements introduced in the latest OS iteration, enabling them to adapt their forensic methodologies accordingly.

Day 2 Overview

UAV (Drone) Forensic Workshop

Embark on an immersive journey into UAV digital forensics with our one-day workshop, tailored for intermediate-level participants seeking hands-on expertise in extracting and analyzing data from Unmanned Aircraft Systems (UAS), colloquially known as Drones, and their associated control devices.

Developed by Spyder Forensics, this course delves into the intricacies of UAV technology, equipping attendees with the knowledge and skills to conduct forensically sound extractions and analyses of UAS data following incidents involving drones.

Through a blend of theoretical insights and practical demonstrations, participants will learn to perform non-destructive data extractions from within the aircraft and control devices, leveraging industry-standard tools to create comprehensive forensic collections. This collection will encompass crucial data such as flight logs, aircraft data, photos, and videos, all without the need for dismantling the aircraft or controller.

Upon acquiring data, attendees will delve into advanced analysis techniques, mastering the interpretation of flight logs and user data using specialized software designed for UAV structures. Moreover, participants will gain insights into workflows facilitating seamless connection between drone applications and flight data retrieved from the aircraft.

Throughout the workshop, all software utilized will be readily available for application within DFIR labs at no additional cost, ensuring attendees can seamlessly integrate their newfound skills into their forensic practice without additional financial outlay.

Day 3 Overview

SQLIte Forensic Fundamentals

Dive deep into the realm of database forensics focusing on SQLite database analysis. SQLite stands as a ubiquitous relational database management system, cherished by developers for its standalone functionality, simplicity in setup, management, and minimal resource requirements. In today’s digital landscape, where most mobile applications and mainstream web browsers rely on SQLite databases for storing crucial user data, it’s imperative for forensic examiners to possess adept skills in navigating this widely-used format.

This one-day workshop is meticulously crafted to equip participants with a comprehensive understanding of relational databases and the nuances of SQLite exploitation. Through hands-on exploration, attendees will delve into the intricacies of extracting and deciphering information housed within SQLite tables, especially when conventional forensic tools may fall short.

Throughout the day, participants will engage in practical exercises, utilizing various techniques to extract and interpret data stored within SQLite data files. By working with the results from commonly-used applications, attendees will solidify their understanding of SQLite fundamentals and lay a strong foundation in forensic techniques essential for effective SQLite analysis.

Students will use a variety of open source and leading forensic applications to examine key artifacts through multiple hands-on labs and student practicals.

What you will receive:

Printed course manual · Access to the Spyder Forensics Academy · Course certificate

Course cost: $1,995

About the Trainers

Damien

Damien brings almost 10 years of eDiscovery & digital forensics experience to Spyder Forensics. He has extensive experience working with fortune 500 companies advising both legal and IT departments on all aspects of eDiscovery. With his technical knowledge and problem-solving skills, Damien is a proven eDiscovery workflow specialist and has helped numerous organizations identify cost savings while optimizing their eDiscovery processes. Before joining Spyder Forensics, Damien was a Managing Consultant at AccessData where he managed eDiscovery and digital forensics projects and provided services to companies in various industries including the Health Care, Energy, and Financial industries. Prior to that, Damien was a Computer Crime Specialist at the National White Collar Crime Center where he conducted digital forensic research and performed software validation studies on digital forensic software.

Rob

Rob is the CEO and Founder of Spyder Forensics. He has over two decades of experience developing and presenting training on Digital Forensics, Cyber Security, Mobile Forensics, and eDiscovery education programs for the global digital investigations community. Having previously held the positions of Vice President of Training at Cellebrite, Senior Vice President of Global Training at Nuix, and Director of Training at AccessData. He has also held positions as a Computer Crime Specialist with the National White Collar Crime Centre and with the UK’s Kent Police as a Digital Forensic Analyst.   As a lifetime member of the International Association of Computer Investigative Specialists (IACIS), Rob instructs regularly at the association’s annual conferences and is a lead instructor for several advanced courses as well as regularly presenting at the premier international digital forensics conferences. Rob has contributed to digital forensic publications and is a subject matter expert in various courses for the ATA program managed by the State Department in the USA.