Since the positive feedback has not yet waned, I was explicitly asked to publish something for non-italian friends as well. So I proceeded to adapt both the previous article and the slides to English.

A few days after the end of the Matera DigiSec 2024, the first event realized by ONIF in Matera on topics related to "Digital Forensics and Cybersecurity for the protection of data and rights," particularly in the corporate sphere, we can certainly say that it was a great success, in terms of participation but also in terms of the quality of the topics covered (I leave here an excellent article, with comments and some photos of the day).

I am really grateful to ONIF for the invitation to actively participate in this event, and for the occasion I decided to illustrate a tool that is still little known (sadly!) but instead is part of the tools of many Incident Response teams and perhaps deserves more attention.

I am talking about the opensource tool Velociraptor, on which I based my short talk, entitled "Enterprise Incident Response with Velociraptor: when tempo is all."
Before I am assailed (rightly) by language purists, I would like to point out that the term tempo, as I explained in more detail during the talk, was deliberately left in Italian, as I used the universally recognized musical meaning of the term, precisely because I imagined the Incident Response Manager as an orchestra Director who, by skillfully using (and in harmony, precisely) the "instruments" (tools) at his disposal, can "lead" to a resolution of the IT Incident.

Apart from metaphors, I have been keen to emphasize how an opensource tool of this kind, if used wisely and skillfully, can drastically reduce the timeframe for intervention and resolution (usually defined as time to identify and contain) leading to significant savings in time and especially money.

The topic certainly deserves a series of articles, which we will publish shortly, but because I have had many requests to share the slides, I have included them below so that everyone can possibly consult them, in the full opensource spirit! 😊