Webcast: Express Artifact Analysis and Timeline Development with KAPE
May 28, 2020 | (Online Event)
Webcast
How much can you accomplish while a full disk image is completing? And what portion of that disk is actually relevant to your case? With KAPE’s collection and triage capabilities full disk forensics is becoming a thing of the past. In this session, KAPE instructor and DFIR expert Mari DeGrazia showcases how key Windows artifacts can be collected from a live or forensic image, parsed, and structured into a mini-timeline in just a few minutes using KAPE.
Watch the On-Demand Webinar Now.Schedule: 1:00 p.m. –1:30 p.m. (ET)
Key takeaways:
- Learn how to leverage KAPE to collect triage data
- Learn how to normalize data across multiple artifacts
- Learn how to build a mini timeline using KAPE
- Learn how to analyze a mini timeline
Tools used in the session:
- KAPE – free download
- Eric Zimmerman Tools
- RegRipper (free download)
- Harlan Carvey’s Timeline Tools
- Unicode to Ascii
- evtxECmd_2_tln.exe
Speaker: Mari DeGrazia, Associate Managing Director, Cyber Risk
Connect With Us
Cyber Risk
Incident response, digital forensics, breach notification, managed detection services, penetration testing, cyber assessments and advisory.
Kroll Artifact Parser And Extractor (KAPE)
Find, collect and process forensically useful artifacts in minutes.
Penetration Testing Services
Validate your cyber defenses against real-world threats. Kroll’s world-class penetration testing services bring together front-line threat intelligence, thousands of hours of cyber security assessments completed each year and a team of certified cyber experts — the foundation for our sophisticated and scalable approach.