Description

Accept emails from <no-reply@zoom.us> to get your personalized registration link. 

Topic: Autopsy Advanced Features

Presenter: Mark McKinnon, CCE

Presenter Bio: Mark McKinnon has over 30 years of experience in IT. He started his career writing programs on a mainframe computer, then went on to do systems analysis, database administration, security audits, and finally, computer forensics. He received his computer forensic training from Key Computer Service through their partnership with Kennesaw State University in Georgia.  

Mark is a Certified Computer Examiner (CCE). He is active on many Computer Forensics forums helping other forensic examiners with technical problems and has contributed to the SANS Digital Forensics and Incident Response blog.  

In 2005, Mark started RedWolf Computer Forensics and developed the “Drive Prophet” program, a triage program for Windows Systems. He has created many free programs used by forensic examiners worldwide, including Skype Log Parser, Google Chrome Parser, Windows Prefetch Parser, MFT Parser, and the Vista Thumbcache Parser, on which Mark holds a US copyright.  

Mark is currently an Sr. Cybersecurity Analyst for Sleuthkit Labs where he works on the Autopsy and Cyber Triage Digital Forensics/Incident Response programs.

Mark has written over 70 plugins for Autopsy, a premiere end-to-end open-source digital forensics platform.  He also took 1st, 2nd, or 3rd place in the Autopsy plugin module competition in 2015, 2016, 2018, 2020, and 2021, and in 2015 and 2018, he took 1st place. 

Mark has presented at the OSDFCon Conference, DoD Cybercrime Conference, Sans What Works in Incident Response and Computer Forensics, and several regional conferences. He has also been interviewed on several podcasts. 

Presentation Description: In this webinar we will explore some of the advanced features in Autopsy. We will start with a brief intro to Autopsy then look at the following advanced features: Ingest Profiles, Autopsy Command line and Autopsy Imager. These features can help you create a new workflow or add to your current workflow to help you get the most out of using Autopsy. A demonstration of the features will be part of the presentation.