Friday: 9am – 5pm
The Cloud Forensics Challenge team is excited to bring our workshop to the 2019 BSidesKC conference. We have presented this training at both the 2017 BSides DC and the 2018 BSides Charm events, and seats have sold out both times. The focus of our workshop is two-fold: first, to explore key concepts of Cloud computing and to understand the procedures and processes of conducting a digital forensics investigation in the Cloud; and second, a half-day challenge to test students’ comprehension of the material and their skill sets by investigating a digital image of a Cloud-based server and searching for various “flags” to be turned in as part of a team competition. Prizes will be up for grabs and we anticipate a full crowd for our first time at this conference, so be sure to register as soon as tickets go on sale!
- A good attitude and willingness to learn.
- COME PREPARED. (Seriously, we’ve run into this before.)
- Some knowledge of the Cloud (helpful, but not a hard requirement)
- Some knowledge of digital forensics (again, helpful, but not a hard requirement)
- Able to tear apart a PCAP file (helpful, but not a hard requirement)
- Able to reverse engineer files (helpful, but not a hard requirement)
- Laptop? Yes. How much RAM or what type of CPU? It needs to run Kali Linux or similar OS without bogging down.
- Utterly despise Linux? Using Windows or a Mac? Not a problem. Grab the following: TSK/Autopsy and Wireshark.
- You’ll also want to grab Volatility (or some other memory forensics app) and OpenStego (or similar)
- Probably wouldn’t hurt to grab IDA Pro or OllyDbg (reverse engineering stuff) and Decrypter (or similar decryption tool)
- Bookmark some cipher sites while you’re at it.
- Hey, this is cloud forensics, remember? The cloud is dynamic and always changing. So is our challenge.
- Like the man once said, “Life is like a box of chocolates. You’ll never know what you’re gonna get.”
- Did we mention the key phrase: “COME PREPARED”?
- We should also mention, “NEVER GIVE UP, NEVER GIVE IN.” Yes, some of us are Doctor Who fans.
- We encourage our students to stick around until the end of the workshop and challenge.
Kerry Hazelton’s career in Information Technology and Security has spanned over twenty years, and in that time he has developed considerable experience with systems and network support, data center operations, and information security. He considers himself a “cybersecurity enthusiast” because of his desire and motivation to read up on the latest trends within the industry, to learn about a new exploit or tool, and to teach and share with others his experiences over the years. He has also presented technical workshops on the tools and procedures often used in security analysis and cloud-based digital forensics at prior conferences including BSides Charm, DC, and NoVA, which helped to form the basis for the Cloud Forensics Challenge he currently runs. Additionally, he recently gave a talk at the inaugural BSides Idaho Falls conference in his hometown about his experiences as an instructor and the importance of mentoring the next generation of hackers.