SANS DFIR Summit and Training this June in Austin – Texas

The Digital Forensics & Incident Response Summit & Training, taking place in Austin, TX, is fast approaching. Register now and save up to $500 with our early bird pricing! Seats are limited and going quickly, so register before they’re gone.

Pre-Summit Training Courses:

June 20 – 25, 2012  SANS top notch Digital Forensic training with courses on network forensics, reverse engineering malware, digital forensic analysis, and incident response.

Digital Forensics & Incident Response Summit:

June 26 – 27, 2012
You’ll be treated to two outstanding keynote presentations – Det Cindy Murphy, Madison Police Department, and Harlan Carvey, Chief Forensics Scientist at Applied Security, Inc. They will be joined by many other of the best minds in forensics and incident response who will share lessons they have learned.

Register Now:


20+ speakers from a variety of companies will cover exceptional content throughout the two-day Summit. The agenda will cover the following topics and much more.

  • – Windows 8 Forensic Artifacts – Kenneth Johnson, Principal Financial Group
  • – Analysis and Correlation of Macintosh Logs – Sarah Edwards, Harris Corporation
  • – Practical Use of Cryptographic Hashes in Forensic Investigations – Par Osterberg Medina, McAfee and Foundstone Professional Services
  • – Reasons Not to “Stay in Your Lane” as a Digital Forensics Examiner – Alissa Torres, KEYW Corporation
  • – Digital Forensics for IaaS Cloud Computing – Josiah Dykstra, US Dept. of Defense
  • – Carve for Records (Not Files) – Jeff Hamm, Mandiant
  • – Android Memory Acquisition and Analysis with DMD and Volatility – Joe Sylve, Digital Forensics Solutions
  • – Sniper Forensics v3: Hunt – Christopher Pogue, SpiderLabs
  • – Decade of Aggression – Christopher Witter, Major Defense Contractor
  • – Passwords are everywhere – Hal Pomeranz, Deer Run Associates
  • – Recovering Digital Evidence in a Cloud Computing Paradigm – Jad Saliba, JADsoftware
  • – Anti-Incident Response – Nick Harbour, Mandiant
  • – Automating File Analysis – Par Osterberg Medina, McAfee and Foundstone Professional Services
  • – Mac Memory Analysis with Volatility – Andrew Case, Terremark
  • – Digital Dumpster Diving – Lee Reiber, AccessData
  • – When Macs Get Hacked – Sarah Edwards, Harris Corporation
  • – Evidence is Data: Your Secret Advantage – Jon Stewart, Lightbox Technologies, Inc.
  • – Taking Registry Analysis to the Next Level – Elizabeth Schweinsberg, Google, Inc.
  • – Tales from the Crypt: TrueCrypt Analysis – Hal Pomeranz, Deer Run Associates
  • – Security Cameras: The Corporate DFIR Too of the Future – Mike Viscuso, Carbon Black
  • – Exfiltration Forensics in the Age of The Cloud – Frank McClain, PrimeLending

View the detailed conference agenda, speakers, and participating vendors as they become available here

The event will bring together the leading minds in digital forensics and incident response who encounter these challenges daily. Evening events are planned to give you the opportunity to enjoy Austin’s best. Share a table with your peers, friends, and speakers. Rub shoulders with people who do what you do – from a wide cross section of industries, company sizes, and experiences.


Don’t miss this opportunity to educate yourself and be more successful in your job. The following skills based courses, taught by SANS’ top-rated instructors, will be offered. For complete course descriptions visit,

FOR 408: Computer Forensic Investigations – Windows In-Depth
FOR 558: Network Forensics
FOR 610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques
FOR 508: Advanced Computer Forensic Analysis and Incident Response (2012 Course re-launch – Brand New Update)

Stay connected about announcements and discussions surrounding the summit on twitter using hashtag #DFIRsummit. You can also stay up to date with the latest SANS Computer Forensics & Incident Response information by visiting

We look forward to seeing you in Austin!

Rob Lee
SANS Digital Forensics and Incident Response Curriculum Lead

Published by

Rob Lee

Rob Lee is an entrepreneur and consultant in the Washington DC area, specializing in information security, incident response, and digital forensics. Rob is currently the curriculum lead and author for digital forensic and incident response training at the SANS Institute in addition to owning his own firm. Rob has more than 15 years of experience in computer forensics, vulnerability and exploit discovery, intrusion detection/prevention, and incident response. Rob graduated from the U.S. Air Force Academy and served in the U.S. Air Force as a founding member of the 609th Information Warfare Squadron, the first U.S. military operational unit focused on information warfare. Later, he was a member of the Air Force Office of Special Investigations (AFOSI) where he led a team conducting computer crime investigations, incident response, and computer forensics. Prior to starting his own firm, he directly worked with a variety of government agencies in the law enforcement, U.S. Department of Defense, and intelligence communities as the technical lead for a vulnerability discovery and an exploit development team, lead for a cyber forensics branch, and lead for a computer forensic and security software development team. Rob was also a director for MANDIANT, a company focused on investigating advanced adversaries, such as the APT, for four years prior to starting his own business. Rob co-authored the book Know Your Enemy, 2nd Edition. Rob earned his MBA from Georgetown University in Washington DC. He was awarded the Digital Forensic Examiner of the Year from the Forensic 4Cast Awards. Rob is also an ardent blogger about computer forensics and incident response topics at the SANS Computer Forensic Blog. Rob is also a co-author of the MANDIANT threat intelligence report M-Trends: The Advanced Persistent Threat.