In July, Eric & Whitney gave a talk titled "Breaches Be Crazy" at the SANS DFIR Summit outlining Recon’s unique approach at scaling enterprise forensic timelining.
Scaling Enterprise Forensic Timelining
Oct 6, 2021 2:29:00 PM / by Eric Capuano posted in Automation, DFIR, Velociraptor, Incident Response, Forensics, Operations, SecOps, Security, SOC, Open Source
Securing Your Velociraptor Deployment
Sep 23, 2020 10:51:00 AM / by Whitney Champion posted in DFIR, Velociraptor, Incident Response, Forensics, Operations, SecOps, Security, InfoSec, Threat Hunting, DevOps, AWS, Cognito, Identity Aware Proxy
Our team are huge fans of Velociraptor. It's an incredibly powerful tool, for both DFIR and endpoint management. It currently supports Windows, Linux, and Mac endpoints, and BONUS: it's open source!