GRR Rapid Response Framework (GRR): Find All the Badness, Collect All the Things

Greg Castle

Thu, 20th November 2014

Speaker Bio 1:
Greg is a Senior Security Engineer in Google's Incident Response team. He is a developer of the open-source GRR live-forensics system, and is currently putting his coding time into building GRR's capability for fast collection of digital forensic artifacts over the Internet. Greg also has a strong interest and involvement in OS X security, having been responsible for the security of Google's OS X fleet for two years. He has 10 years of experience in the computer security industry as a pentester, incident responder, and forensic analyst.

Learning Objectives:

Greg will explain:

  • Why we built, and organizations need, a remote live-forensics tool
  • Current problems with how we describe and share knowledge of forensic artifacts, i.e. things of interest during an investigation
  • How you can use GRR artifacts to make investigations simpler and more accurate when using GRR or any other tools

Resources and materials: