Monday, July 13, 2015

Volatility at Black Hat USA & DFRWS 2015!

Due to another year of open research and giving back to the open source community, Volatility will have a strong presence at both Black Hat USA and DFRWS 2015. This includes presentations, a book signing, and even a party!

At Black Hat, the core Volatility Developers (@4tphi, @attrc, @gleeda, and @iMHLv2) will be partaking in a number of events including:
  • Demoing Volatility at Black Hat Arsenal. This will include new plugins targeted at the PlugX malware, showing how to write simple, but effective Volatility plugins, and more!
  • Book signing for The Art of Memory Forensics starting at 11:10AM on Wednesday in the Black Hat book store. All four authors will be present, so be sure to bring your book along or purchase a copy on-site in the bookstore.
  • Volatility Happy Hour: This will be an open bar party where you can meet our team, bring books to be signed, and get Volatility swag all while enjoying tasty beverages. You must register (free) if you wish to attend! Note that the party will be at MGM Grand.
Friends of Volatility will also be leading a number of events at Black Hat including Briefing presentations from Jonathan Brossardjduck, and Alex Ionescu as well as Arsenal Demos from Brian Baskin, Marc Ochsenmeier, David Cowen, and Takahiro Haruyama.

At DFRWS, Dr. Golden Richard will be presenting a paper that he and I wrote: Advancing Mac OS X Rootkit Detection. In this paper, we present several new methods to detect rootkits on OS X systems through memory forensic analysis. All the of the plugins described in the paper will be incorporated into Volatility after the conference. 

Also, at DFRWS, Joe Sylve and Vico Marziale will be leading a workshop on creating forensics tools in Go. If you have never seen Go before, or want to gain some hands-on experience, then we recommend checking it out.

And finally, be sure to check out the "Finding your naughty BITS" presentation by Matthew Geiger, who has been a long time friend of the project.

We hope to see everyone at these events, and we are looking forward to an exciting August! 

No comments:

Post a Comment