Digital forensic procedures often come with significant overhead, from navigating the complexities of different operating systems to lengthy processes for image collection in the cloud. Additionally, the myriad of available tools can require expertise to select and utilize effectively. Why deal with these challenges when you can automate the basics?
In this talk, we'll discuss the design of a framework aimed at automating triage-level forensics, making it accessible for all analysts to integrate into their investigations. We'll explore the open-source tools we've incorporated and the design paradigms ensuring scalability, concluding with valuable lessons learned.
Jessica Wilson is a security engineer who specializes in response and forensics. She’s worked on a detection and response team for over 6 years building logging pipelines, creating forensic programs, and automating triage-level forensics.