Incident responder for more than a decade, I'm now working for the European Commission since 2015. I'm currently in charge of the "Situational Awareness, Threat Intelligence and Malware Analysis" in the European Commission Internal CERT (EC Cybersecurity Operation Centre).
The talk will demonstrate how to use
Sysdiagnose for forensics purposes of Apple devices. Sysdiagnose is a tool which was originally intended for other purposes
The presenters will share with the audience hands-on experiences and share what works and what does not work with this approach.
Incident responders will leave the talk with a deeper understanding of Sysdiagnose and a novel tool in their IR arsenal.