Python Analyst Reference

A quick reference for Python coders, based on Mark Baggett's Automating Information Security with Python course.

Python Analyst Reference (pdf)


Lateral Movement Analyst Reference

Learn to detect lateral movement within your environment.

Lateral Movement Analysis (pdf)


Event Log Analyst Reference

Windows Event Logs store an increasingly rich set of data.  This reference walks you through configuring, storing and analyzing Windows events.

Event Log Analyst Reference (pdf)


Memory Analysis with Volatility Analyst Reference

The battle for our boxes is increasingly being fought in RAM.  Learn to use Volatility to hunt for evil on your systems.

Memory Analysis with Volatility (pdf)


Default Windows Processes Quick Reference

A quick reference to the normal system processes on a Windows system, including each executable's path on disk, the usual process tree, and a description of each process. Useful during memory analysis and system triage.

Default Windows Processes Quick Reference (pdf)


The Light Side of the Force: PowerShell for Incident Response

High profile tools like Empire and Death Star harness PowerShell for offensive purposes. This presentation examines ways that IT security professionals can leverage PowerShell to protect their assets.

Light Side of the Force (pdf)


Pivot and Pillage: Lateral Movement within a Victim Network

Modern attackers are like ninjas, stealthily skulking in the shadows, using existing tools to blend in with everyday network activity.  This presentation accompanies our Lateral Movement Analysis Analyst Reference PDF to highlight ways to detect and defeat these hidden adversaries.

Pivot and Pillage Presentation (pdf)


BYOD or Bring Your Own Destruction

Bring Your Own Device is a paradigm that allows employees to access critical data from almost anywhere using devices that cost the employer nothing. Or do they? We'll take a look at many of the challenges and assumptions that have gone into BYOD policies, or lack thereof, and take a moment to evaluate how reasonable our rush to embrace this approach has been. We'll consider technical challenges such as vulnerability management, mobile device management platforms, and mobile device forensic challenges and look at what countermeasures we can employ to acknowledge and address the reality of this model. 

BYOD Presentation (pdf)


Contact Us


Forward Defense


Phone: +971 2 676 7676

Address: 51st Floor, Addax Tower

City of Lights

Al Reem Island

Abu Dhabi, UAE