What We Have Been Up To: March, April, and May in Review

June 6, 2014

So much has happened, and it’s time to let you know what we have been up to these last couple of months. Our own Vico Marziale was recently a guest on Forensic Lunch with David Cowen not once, but three times! Forensic Lunch is a weekly webcast featuring digital forensics practitioners and researchers who discuss current tools and techniques in this rapidly changing field. Among the topics Vico was invited to discuss were find_times, a script researchers can use to find embedded timestamps in the Windows registry; some of our DARPA Cyber Fast Track memory forensics research (look for a new tool release this summer!); and our Spotlight Inspector tool for computer forensic investigations on OS X systems.

See the links below for recordings of the shows:

Forensic Lunch 4/4/14 Episode 35 with David Cowen, Matthew Seyer, Dave Hull, Vico Marziale and Joe Sylve

Forensic Lunch 3/28/14 Episode 34 with David Cowen, Matthew Seyer, Vico Marziale and Lee Whitefield

Forensic Lunch 3/21/14 Episode 33 with David Cowen, Matthew Seyer, Nasa Quba, Kausar Khizra and Vico Marziale

The week of May 19, we were invited to the Pentagon to demo several of our research projects that came out of the DARPA Cyber Fast Track Program. From the event materials: “In the Cyber Fast Track (CFT) Program DARPA tapped into the most elite, highly skilled security researchers in the country to create revolutionary technological advancements in the field of cyber security.” While we’re not quite so full of bravado, there were some extremely talented folks in attendance. It gave us the chance to show off three of our current (and continuing) projects: “Forensic Analysis of the OS X Spotlight Search Index”, “Application-Level Memory Forensics for Dalvik”, and “A Framework for Differential Analysis of Malware in RAM”. It was tremendous fun, and we hope some of the people we met enjoyed our work.