What the Heck Just Happened? presented at Converge 2014

by Ken Evans

Summary: Your network security department just called to follow up on an event they found in the SIEM that occurred while you were browsing today. After asking a few questions and poking around on your system, they decide to call it a false positive and close the ticket. But what the heck just happened on your system, if anything? A few community and open source forensic tools and a night of data grinding can sometimes tell quite a different story. A great introduction to digital forensics!