Introduction to Velociraptor

Infos

Start: 2024-11-09 14:00
End: 2024-11-09 18:00
Location: Lothstraße 64, 80335 München

Abstract

Velociraptor is an open-source tool developed by Velocidex (now Rapid7) to conduct scalable forensic analyses for large infrastructures. The client-server system allows analysts to distribute forensic queries to many endpoints and provides notebooks for interactive reports. Analysts can use the integrated Velociraptor Query Language to create queries and extend Velociraptor.

This workshop provides an introduction to incident response with Velociraptor.

Christian Kollee

Christian currently works as a Network Detection Engineer in the German finance sector. Previously, he worked as a forensic analyst and incident handler in international organizations and medium-sized German businesses. With more than ten years of experience in IT security, Christian knows the problems of all IT security types, from medium-sized companies to DAX30 corporations. Shortly, he will join a company doing Incident Response and Managed Detection & Response. Besides learning about new attacker tools and techniques, he tries desperately to reduce his ever-growing stack of articles and books in his spare time.