Presentations

I have spoken at a number of public and private conferences. This page lists each public presentation along with a link to the slide deck for the presentation given. My SlideShare account also holds the presentation files for my most popular talks.

Select Recorded Presentations
Effective, Scalable Threat Detection & Response, SecTor, October 2016
The Need for Proactive Threat Hunting within Organizations, Evening Keynote, BSidesTampa 2015
Unmasking Careto through Memory Analysis, SecTor 2014
Keynotes
The (Near) Future of Cyber Defense, SEC Academic Conference on CyberSecurity 2018, Afternoon Keynote
Security from the Start(up), SecretCon 2015, Morning Keynote
The Need for Proactive Threat Hunting within Organizations, BSidesTampa 2015, Afternoon Keynote
Presentations
Volatility 3: Announcing the Public Beta, OSDFCon, October 2019
Windows 10 DFIR Challenges, BSidesLV, August 2019
HookTracer: A System for Automated and Accessible API Hooks Analysis, DFRWS, 2019
Windows 10 DFIR Challenges, BSidesAustin, April 2019
Leveraging Memory Forensics for Incident Response, WACCI, October 2018
Memory Forensics in the Face of Modern Threats, ICDF2C, September 2018
Gaslight: A Comprehensive Fuzzing Architecture for Memory Forensics Frameworks, DFRWS, August 2017
Threat Detection & Response at Scale, API Cybersecurity, November 2016
Effective, Scalable Threat Detection & Response, SecTor, October 2016
Memory Forensics Training, Enfuse, May 2016
Expecting Security from the Start(up), NOEW, March 2016
Proactive Measures to Mitigate Insider Threat, RSA USA, March 2016
Leveraging Proactive Defense to Defeat Modern Adversaries, TakeDownCon Rocketcity 2015
Effective Incident Response in Cloud Environments, Cloud Security World 2015
The Need for Proactive Defense, ISSA NOVA April 2015 Chapter Meeting
Next Generation Memory Forensics, OSDFC 2014
Analyzing Careto through Memory Forensics, OMFW 2014
Rapid, Scalable Triage with Memory Forensics, API CyberSecurity 2014
Analyzing Careto with Memory Forensics, SecTor 2014
Leveraging Memory Forensics for Incident Response, Archc0n 2014
Improving Incident Response with Memory Forensics, Alabama Cyber Security Summit 2014
Memory Forensics during all Types of Investigations, National Cyber Crime Conference 2014
Hunting Mac Malware with Memory Forensics, RSA USA 2014
Mac Memory Forensics during Incident Response, BSidesJackson 2013
Brining Mac Memory Forensics to the Mainstream, OMFW 2013
Leveraging Memory Forensics during DFIR, BSides Boston 2013
Memory Forensics: Defeating Disk Encryption, Skilled Attackers and Malware, RSA USA 2013
Why Memory Forensics should be part of DFIR processes, BSidesJackson 2012
Analyzing Linux Kernel Rootkits with Volatility, OMFW 2012
Mac Memory Analysis with Volatility, SANS DFIR Summit 2012
Investigating Coordinated Data Exfiltration, BSidesDFW 2011
Investigating Coordinated Data Exfiltration, GFIRST 2011
Linux Memory Analysis with Volatility, OMFW 2011
Forensic Memory Analysis of Android’s Dalvik VM, Source Seattle 2011
De-Anonymizing Live CDs through Physical Memory Analysis, Blackhat D.C. 2011
Public Trainings
Volatility Memory Forensics and Malware Analysis Training, Reston, October 2019
Volatility Memory Forensics and Malware Analysis Training, London, September 2019
Digital Forensics & Incident Response, Black Hat Vegas 2019
Volatility Memory Forensics and Malware Analysis Training, Reston, April 2019
Volatility Memory Forensics and Malware Analysis Training, Reston, October 2018
Volatility Memory Forensics and Malware Analysis Training, Amsterdam, September 2018
Digital Forensics & Incident Response, Black Hat Vegas 2018
Volatility Memory Forensics and Malware Analysis Training, Herndon, April 2018
Volatility Memory Forensics and Malware Analysis Training, Herndon, October 2017
Volatility Memory Forensics and Malware Analysis Training, London, September 2017
Digital Forensics & Incident Response, Black Hat Vegas 2017
Volatility Memory Forensics and Malware Analysis Training, Herndon, April 2017
Volatility Memory Forensics and Malware Analysis Training, Reston, October 2016
Volatility Memory Forensics and Malware Analysis Training, Amsterdam, September 2016
Digital Forensics & Incident Response, Black Hat Vegas 2016
Volatility Memory Forensics and Malware Analysis Training, NYC, June 2016
Volatility Memory Forensics and Malware Analysis Training, Reston, April 2016
Volatility Memory Forensics and Malware Analysis Training, San Diego, February 2016
Volatility Memory Forensics and Malware Analysis Training, Reston, October 2015
Volatility Memory Forensics and Malware Analysis Training, August 2015, Amsterdam
Digital Forensics & Incident Response, Black Hat Vegas 2015
Volatility Memory Forensics and Malware Analysis Training, May 2015, Manhattan
Volatility Memory Forensics and Malware Analysis Training, April 2015, Reston
Volatility Memory Forensics and Malware Analysis Training, January 2015, San Francisco
Volatility Memory Forensics and Malware Analysis Training, December 2014, Austin
Volatility Memory Forensics and Malware Analysis Training , October 2014, Reston
Volatility Memory Forensics and Malware Analysis Training, August 2014, Australia
Digital Forensics & Incident Response, Black Hat Vegas 2014
Volatility Memory Forensics and Malware Analysis Training, June 2014, London
Volatility Memory Forensics and Malware Analysis Training, May 2014, Manhattan
Volatility Memory Forensics and Malware Analysis Training, January 2014, San Diego
Digital Forensics & Incident Response, Black Hat Seattle 2013
Volatility Memory Forensics and Malware Analysis Training, November 2013, Reston
Volatility Memory Forensics and Malware Analysis Training, September 2013, Amsterdam
Digital Forensics & Incident Response, Black Hat Vegas 2013
Volatility Memory Forensics and Malware Analysis Training, June 2013, Reston
Volatility Memory Forensics and Malware Analysis Training, March 2013, Chicago
Volatility Memory Forensics and Malware Analysis Training, December 2012, Reston
Digital Forensics & Incident Response, Black Hat Vegas 2012
Podcasts/Interviews
DtSR Episode 146 - State of Enterprise Incident Response, Down the Security Rabbit Hole
Forensics Lunch with David Cowen, Forensics Lunch Series
Security Weekly Episode 381, Security Weekly
Forensics Lunch with David Cowen, Forensics Lunch Series
Healthy Paranoia Show 21: Windows Forensics with Andrew Case, Healthy Paranoia Podcast
Healthy Paranoia Show 14: Digital Forensics and Incident Response with Andrew Case, Healthy Paranoia Podcast
PaulDotCom Episode 241, PaulDotCom Podcast
Registry Decoder, CyberSpeak Podcast
Recorded Online Lectures
Utilizing the Registry for Forensics, IR, and Malware Analysis, BrightTalk
Analyzing Malware in Memory, Hacker Academy Deep Dive
Android Forensics with Volatility and LiME, DFIROnline