Dissect - The open-source framework for large-scale host investigations

Speakers: Paul Möller & Jan Willem Brandenburg

Abstract

At Fox-IT, we are always looking to push our incident response capabilities to the next level, because no adversary, no matter how high-end, should be beyond our reach.

This led to the development of Dissect, an enterprise investigation framework that we have open-sourced. Dissect supports us, the analysts, from the moment of acquisition of artefacts through normalisation, processing, and analysis. It takes away concerns about how to access investigation data, so we can now focus on performing analysis, developing complex analysis plugins, and performing research. You know, the cool stuff that we want to brag about at birthday parties.

Biography Paul

Paul Moller is a Forensic IT Expert and Developer at Fox-IT with a background in (quantum) physics. Before he devoted his time to making our society more (digitally) secure, he worked in the research field of Quantum Computing. This resulted in, among other things, the following publication in Nature's npj Quantum Information.

Twitter: @dissect

Biography Jan Willem

As a long-time security and open-source enthusiast and engineer, Jan Willem currently works at Fox-IT as principal developer, where all 3 fields are combined in his work on the Dissect project.

Twitter: @pyrco

Spring 2023

2024-11-06
Vereniging NLUUG
info@nluug.nl
P.O. Box 8189
6710 AD Ede