OsintOps Blog

OsintOps is the blog dedicated to all news concerning OSINT (and more)

Enterprise Incident Response with Velociraptor: when tempo is all

Since the positive feedback has not yet waned, I was explicitly asked to publish something for non-italian friends as well (don’t worry guys, the link to the italian version is still here).

A few days after the end of Matera DigiSec 2024, the first event realized by ONIF in Matera on the topics related to “Digital Forensics and Cybersecurity for data and rights protection”, particularly in the corporate environment, we can certainly say that it was a great success, in terms of participation but also in terms of the quality of the topics covered (I leave here an excellent article, with comments and some photos of the day).

I am really grateful to ONIF for the invitation to actively participate in this event, and for the occasion I decided to illustrate a tool that is still little known (unfortunately!) but instead is part of the tools of many Incident Response teams and perhaps deserves more prominence.

I am talking about the opensource tool Velociraptor, on which I based my short talk, entitled “Enterprise Incident Response with Velociraptor: when time is all.”
Before being assailed (rightly) by the language purists, I would like to point out that the term tempo, as I explained in more detail during the talk, was deliberately left in Italian, as I used the universally recognized musical meaning of the term, precisely because I imagined the Incident Response manager as an orchestra conductor who, by skillfully using (and in harmony, precisely) the “instruments” (tools) at his disposal, can “lead” to a resolution of the IT Incident.

Beyond metaphors, I have been keen to emphasize how an opensource tool of this type, if used wisely and painstakingly, can drastically reduce the timeframe for intervention and resolution (usually defined as time to identify and contain) leading to significant savings in time and especially money.

The topic certainly deserves a series of articles, which we will publish shortly, but because I have had many requests to share the slides, I have included them below so that everyone can eventually consult them, in the full opensource spirit 😊

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

OsintOps News Channel

Latest Posts

  • The difficult detection in Art: between Osint, Music and (anti)censorship
    The difficult detection in Art: between Osint, Music and (anti)censorship. Journey through the hidden meanings of words, both in art and anti-censorship, and on the difficulties of making OSINT in languages and cultures other than one’s own.
  • La difficile detection nell’Arte: tra Osint, Musica e (anti)censura
    La difficile detection nell’Arte: tra Osint, Musica e (anti)censura. Viaggio tra i significati nascosti delle parole, sia nell’arte che nella lotta alla censura e sulle difficoltà di fare OSINT in lingue e culture diverse dalla propria.
  • Enterprise Incident Response with Velociraptor: when tempo is all
    On the occasion of Matera DigiSec 2024, I decided to illustrate a tool that is still little known (unfortunately!) but instead is part of the tools of many Incident Response teams and perhaps deserves more prominence. I am talking about the opensource tool Velociraptor, on which I based my short talk, entitled “Enterprise Incident Response with Velociraptor: when time is all.”
  • Enterprise Incident Response with Velociraptor: when tempo is all
    In occasione del Matera DigiSec 2024 ho deciso di illustrare un tool ancora poco conosciuto (purtroppo!) ma che invece fa parte degli strumenti di molti team di Incident Response e che forse meriterebbe maggior rilievo. Sto parlando del tool opensource Velociraptor, sul quale ho basato il mio breve intervento, dal titolo “Enterprise Incident Response with Velociraptor: when tempo is all”.
  • First Presentation of the Anu₿itux Project
    Anubitux Project presented for the absolute first time the open-source distribution Anubitux, during the Cyber forensics IISFA Forum 2024, in Rome

Popular Categories