Remote collection & analysis is an important part of any internal investigation within your corporate network. Pulling a full forensic image of an endpoint can be time-intensive and can consume network resources, but a targeted collection can alleviate these concerns. This webinar discusses the most useful artifacts to collect in an internal investigation, such as Event Logs, LNK files, Shell Bags, Device Information, and more. Focusing on these types of artifacts will reduce the impact on your network during remote collection and reduce the amount of time needed to analyze the information and draw conclusions.
Understand the advantages of remote collection in internal investigations
Identify the most helpful key artifacts used for analysis of an endpoint
Optimize remote collection techniques to reduce network impact
Delve into a practical example where the adoption of remote collections has conserved both time and money, while also reducing stress