About the Speaker

Mike Cohen

Mike is the founder of Velocidex

Michael Cohen is a well-known Digital Forensic Researcher and Software Engineer. He has worked on such open source DFIR projects as Rekall and GRR. He founded Velocidex, specialising in the development and implementation of open source DFIR tools. He is the Principal Developer of Velociraptor.

Mike's Talk

Velociraptor is a new open source surgical DFIR tool providing unprecedented visibility into the state of the endpoint. Velociraptor is controlled completely via the Velociraptor Query Language (VQL) - an SQL-like dialect. Using this language, users can customize and automate detection and response. This talk will demonstrate how Velociraptor can be used in a distributed DFIR investigation - both to efficiently triage and rapidly analyze forensic evidence so as to determine root cause quickly and effortlessly. We then demonstrate Velociraptor's event monitoring framework, which allows users to customize their response and escalation capabilities.

