
CEIC 2012 Day 2 (Malware, keynotes, EnCE and more)

Day two is now about the hustle and bustle of getting to your registered classes before you get stuck in the nosebleeds or your seat is taken by someone on the waiting list. As a newbie, I decided that I would take advantage of the review session for the EnCE test that I will be taking on Wednesday afternoon (wish me luck!). The session started out great, and by the time I knew it I had two pages of notes and the 90-minute session was over. The review was simply that, a review, but it was great to take the time to write down facts about EnCase computer forensics that I already knew. Maybe tomorrow I will get the test done quicker and I will get back to the festivities of sessions and lectures before they end.

The keynote speaker for the day was General Richard Myers, who retired from his position as a member of the Joint Chiefs in 2005. The speech was very interesting and focused on cyber security. The biggest takeaway was the need for collaboration. Not just collaboration of nation leaders, but everyone involved with security or incident response. Within this industry, pride and arrogance sometimes hinder our ability to network ideas and strengths; this stops the creation of faster, better and easier solutions to our everyday problems.

Rob Lee, from SANS, taught “Harbinger of Evil: The Forensic Art of Finding Malware”. This was my first time having the opportunity to hear Rob speak, and he did great. We got a high-level overview of best practices and detailed steps to identify and isolate the program or file that is “harboring the evil”. Without a doubt, Rob gets the quote of the day at CEIC 2012.

“Don’t use your ninja moves if you don’t have to!” – Rob Lee was referring to the steps that take more advanced techniques to uncover and find malware.

The next two sessions will be posted this evening: the first is on Kindle Forensics and the second is on the art of investigating hacking. If you have specific questions, please let me know!


Daniel Parsons

Computer/Mobile Forensic Examiner

Binary Intelligence