Running semi-automatic malware analysis, incident response and forensic workflows with devops tools
Karoliina Kemppainen, Software developer at Traficom
Kimmo Linnavuo, Erno Kuusela, Niklas Saari
Why? Because we want to make the world a better place.
This hands-on workshop is about digital forensics tools and how to create repeatable semi-automatic analysis workflows with devops tools. In this workshop we will be:
* Introducing a set of open source tools which are useful and easy to use for analysis work
* Thinking together about how to find better and easier ways to do analysis
* Doing hands-on exercises on how to create and automate analysis pipelines
* Learning how to create robust and repeatable analysis pipelines
The workshop is intended for people who do digital threat analysis in their work, incident response teams, and anyone interested in the subject.
To attend, bring a laptop running Ubuntu 18.04 (VM or native).
This workshop leverages work done in the CinCan project (cincan.io), which is about building shareable, repeatable and history-preserving analysis pipelines using your favourite tools + CI + git + containers. CinCan is an INEA/CEF-funded project worked on by NCSC-FI, Jyväskylä University of Applied Sciences and University of Oulu.