Fast, Scalable Results with EZ Tools and the New Command-Line Poster
With the wealth of data stored on Windows computers, it is often difficult to know where to start. This can be true whether you are faced with a single machine or an entire network of Windows computers. Having a single, robust set of tools that can be used across the spectrum is a huge benefit. Consistent collection and processing of key forensics artifacts is a must in every scenario. Eric Zimmerman's EZ Tools enable you to provide scriptable, scalable, and repeatable results with astonishing speed and accuracy. Go from one investigation a week to several per day. This type of performance is common with the command-line versions of EZ Tools. This webcast provides an overview of the new EZ Tools Command-line poster and how it can aid you when using the EZ Tools to speed up your investigations.

Download EZ Tools: https://digital-forensics.sans.org/co...
Download Command-line Poster: https://www.sans.org/security-resourc...

Speaker Bio

Mark Hallman has been performing computer-related investigations for over 12 years. Mark led and assisted in investigations involving identification, preservation, research, analysis, and presentation of ESI for Fortune 100 and NLJ firms across the United States as well as governmental agencies such as The Department of Justice, The Department of Labor and The Securities and Exchange Commission. Mark's certifications include GCFE, CGFA, GCHI, EnCE, and CCE. Mark was primarily responsible for building the digital forensics and e-discovery practice of a regional firm in Dallas, Texas. Responsibilities included forensics tool research and evaluation, development of ESI collection protocols, development of investigation "playbooks", and training of the analyst team in the application of those tools and techniques for deployment on client projects. Mark actively led and participated in hundreds of digital forensics and e-discovery projects.

In addition to investigation and team training/development responsibilities, Mark has provided expert testimony in both state and federal courts. Mark currently works for the SANS Institute's Research Operations Center (SROC) researching, designing, developing and testing virtual lab environments for the SANS DFIR curriculum. I look forward to helping anyone with interest in building their skills in DFIR. DFIR Rocks!

