Thursday, June 30, 2011

Speaking at GFIRST

I will be delivering a special version of the Sniper Forensics presentation at the GFIRST National Conference this year! I'm sure it will be a fantastic event, and I am really looking forward to it!

If anybody is going to be there, I would love to be able to meet you in person! Just let me know!


  1. What's going to be special about this version? Can you post the slides?

  2. It's a combination of SF1 and SF2 with more of a focus on identifying IOCs based on anomaly detection. Starting with what IS an anomaly, what techniques can you use to spot one, and ending with how can you use CONTEXT to help you make decisions regarding the direction of the investigation.

    ALSO...I am going to cover how an IOC should be part of an investigation...not the END of your investigation.