OS Analysis with Volatility
by Tim Coakley
In this course, you will learn how to perform OS analysis of volatile memory using the tool volatility, the most advanced memory forensics framework.
What you'll learn
In this course, OS analysis with Volatility, you will cover how to utilize Volatility to identify and detect evidence of suspected compromise such as malicious commands and programs executed on a host computer system. You will learn how to extract the command line history from the volatile memory. You will also learn how to initiate an investigation of malicious programs and how to defend against malicious program execution. When you are finished with the course, you will have the skills and knowledge to aid in mitigating technique T1055 and 1059.
About the author
Tim Coakley is a Senior Security Solutions Architect for a large multi-national organisation and an author at Pluralsight. Tim started a long and successful full-time career in Digital Forensics supporting the criminal justice system and law enforcement on a long list of criminal cases. Parallel to this Tim ran a research and development business creating solutions from design through to support resulting in some unique and niche software not developed anywhere else. Tim now works fully within t... morehe cybersecurity space and has supported and worked within many security teams including, Investigations, Incident Response, Threat intelligence, Penetration Testing, Governance and Engineering until landing into Security Architecture. Tim has worked in a broad range of industries including Law Enforcement, Telecommunications, Pharmaceuticals, Intelligence, Military, Contracting and consulting. Outside of professional working life, Tim enjoys travelling, hiking, kitesurfing and cooking.