- About FIRST
- FIRST Members
- Global Initiatives
- Special Interest Groups (SIGs)
- Best Practices Contest
- Standardization efforts
- Affiliates
- Events
- Meetings
- Security Library
- Newsroom
Friday — March 30th, 2012 13:30
The class provides a brief introduction into memory management of the Intel x86 architecture, and memory management concepts of Microsoft Windows. Participants will gain an overview over memory acquisition techniques and learn how to use Volatility 2.0 to analyze RAM images.
An Ubuntu-based training environment with Volatility 2.0 and real-world RAM images will be provided. Participants are expected to provide their own laptop, with at least 1 GB RAM free for applications, 10 GB free disk space, and the latest version of VMware (either Workstation, Player, or Fusion) installed. The virtual machine image will be available for download from http://r.forens.is/saopaulo starting March 27, 2012.
Andreas Schuster (Deutsche Telekom AG, DE) 
Copyright © 1995 - 2013 by FIRST.org, Inc.
