SoCal HTCIA Breakfast Meeting (03/18): “Live Acquisition/Triage Using AChoir”

Friday, March 18, 2016 (9AM – 12PM)

Sheraton Fairplex Hotel & Conference Center
601 West McKinley Avenue · Pomona, California, 91768
Conference Room: Vineyard 1

– Continental Breakfast will be served (please email us if you have specific allergy restrictions)
Click here for a map

Please use Eventbrite to purchase tickets:

– NON-MEMBERS: $8.00


SoCal HTCIA Breakfast Meeting (03/18): “Live Acquisition/Triage Using AChoir”
Every Incident Responder eventually comes to the conclusion that they need to script their favorite Live Acquisition/Triage utilities. Live Acquisition/Triage scripts help to minimize response time, maintain consistency, and ensure the integrity of the artifacts.

Join us on Friday, March 18, 2016 (9AM – 12PM) for special SoCal HTCIA Breakfast Meeting as David Porco will discuss his favorite Free and Open Source (FOSS) Windows forensics utilities. He will show how he has scripted these FOSS utilities into a cohesive Live Acquisition/Triage toolkit using AChoir. AChoir is an Open Source scripting utility and framework specifically designed for both building and running Live Acquisition scripts on the Windows platform.

Finally, David will discuss some of the unique built-in AChoir features, and why he chose to create a scripting tool specifically designed for Live Acquisition and Triage.

Speaker: David Porco

David Porco is the author and creator of OMENS, OMENSApp, and AChoir. He has more than 25 years of experience in architecting, installing, maintaining, and defending high value targets. Currently he is the Cyber Security Incident Response Team Program Lead for a Fortune 500 entertainment company. Prior to that, his experience includes 16 years architecting and securing systems for NASA and 7 years architecting, installing and maintaining systems at Lockheed.

We look forward to seeing you there!


You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *