DFLabs to Discuss “Live Box” Forensics at Black Hat USA 2018

Incident Response Expert John Moran will Introduce New Tool for Windows that Automates Data Acquisition for Investigations

BOSTON & MILAN--()--DFLabs, the pioneer in Security Orchestration, Automation and Response (SOAR), today announced that incident response and digital forensics expert John Moran will present an Arsenal session at the upcoming Black Hat USA 2018 conference in Las Vegas. DFLabs is exhibiting at the conference in booth #IC2329.



John Moran, Senior Product Manager at DFLabs, is an expert in security operations, incident response, digital forensics and investigations. He has served as a Senior Incident Response Analyst for NTT Security, Computer Forensic Analyst for the Maine State Police Computer Crimes Unit and Task Force Officer for the US Department of Homeland Security. John currently holds GCFA, CFCE, EnCE, CEH, and CHFI certifications as well as degrees in Digital Forensics and Information Security.


Targeted attacks, file-less malware and other advanced hacking techniques have rendered the traditional "dead box" approach to forensics ineffective. Once viewed as a dangerous and dark art, “live box” forensics is becoming the de facto standard, even as CSIRT teams continue to struggle with this type of threat hunting. In this session, John will explain why live forensics is now a necessary part of forensic investigations and cyber incident response. He will discuss the benefits, pitfalls to avoid, and best practices for using live box forensics as a threat hunting tool. In addition, John will introduce a tool for Windows that can automate the process of data acquisition in a more secure, easier to maintain and manage manner. This free tool will be made publicly available on the DFLabs website on the day of the presentation.



Wednesday, August 8, 2018 at 2:30 - 3:50 PM PDT


Black Hat USA 2018, Business Hall (Oceanside), Arsenal Station 2, Mandalay Bay Resort & Casino, Las Vegas, Nevada


To schedule an in-person meeting at the conference or a phone conversation with John Moran, contact Marc Gendron at marc@mgpr.net or +1 781.237.0341. For more information: https://www.blackhat.com/us-18/arsenal/schedule/index.html#performing-live-forensics-without-killing-your-evidence-12058.

About Black Hat USA 2018
Now in its 21st year, Black Hat USA is the world's leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2018 opens with four days of technical Trainings (August 4 – 7) followed by the two-day main conference (August 8 – 9) featuring Briefings, Arsenal, Business Hall, and more. For more information, visit https://www.blackhat.com/us-18/ or follow on Twitter, LinkedIn, Facebook, and Google+.

About DFLabs
DFLabs is a recognized global leader in security orchestration, automation and response technology. The company’s management team has helped shape the cyber security industry, which includes co-editing several industry standards such as ISO 27043 and ISO 30121. Its flagship product, IncMan, has been adopted by Fortune 500 and Global 2000 organizations worldwide. DFLabs has operations in Europe, North America, and EMEA. For more information, visit www.dflabs.com or connect with us on Twitter @DFLabs.


Marc Gendron PR for DFLabs
Marc Gendron, 781-237-0341

Release Summary

DFLabs incident response expert John Moran will discuss “Live Box” Forensics at Black Hat USA 2018 and present new Windows investigation tool.


Marc Gendron PR for DFLabs
Marc Gendron, 781-237-0341