Since the positive feedback has not yet waned, I was explicitly asked to publish something for non-italian friends as well (don’t worry guys, the link to the italian version is still here).
A few days after the end of Matera DigiSec 2024, the first event realized by ONIF in Matera on the topics related to “Digital Forensics and Cybersecurity for data and rights protection”, particularly in the corporate environment, we can certainly say that it was a great success, in terms of participation but also in terms of the quality of the topics covered (I leave here an excellent article, with comments and some photos of the day).
I am really grateful to ONIF for the invitation to actively participate in this event, and for the occasion I decided to illustrate a tool that is still little known (unfortunately!) but instead is part of the tools of many Incident Response teams and perhaps deserves more prominence.
I am talking about the opensource tool Velociraptor, on which I based my short talk, entitled “Enterprise Incident Response with Velociraptor: when time is all.”
Before being assailed (rightly) by the language purists, I would like to point out that the term tempo, as I explained in more detail during the talk, was deliberately left in Italian, as I used the universally recognized musical meaning of the term, precisely because I imagined the Incident Response manager as an orchestra conductor who, by skillfully using (and in harmony, precisely) the “instruments” (tools) at his disposal, can “lead” to a resolution of the IT Incident.
Beyond metaphors, I have been keen to emphasize how an opensource tool of this type, if used wisely and painstakingly, can drastically reduce the timeframe for intervention and resolution (usually defined as time to identify and contain) leading to significant savings in time and especially money.
The topic certainly deserves a series of articles, which we will publish shortly, but because I have had many requests to share the slides, I have included them below so that everyone can eventually consult them, in the full opensource spirit 😊
Leave a Reply