My trip to Portland, OR for the e-fense Helix E103 course
Yeah I haven’t blogged in a bit.. haha. I’ll get around to some updates this weekend.
I just got up after sleeping a good bit of the day. I had to red-eye it and fly all night to get home last night.
If you didn’t know, I was up in Portland, OR this week for e-fense’s E103 Live Forensics & Incident Response course. I had a hell of a time actually getting there, it seemed the travel gods just wanted me to suffer, so after an unexpected overnight stay in Dallas on Monday, I made it into the class at 2pm pacific on Tuesday. I didn’t miss much, and the fact that I had recently attended the SANS GCFA course made this more of a refresher course with the bonus of getting some goodies.
I was a bit skeptical before about Helix going commercial, but I see who the target audience was with the move, and honestly it looks like the stuff that will be in Pro (due out in May) is worth the subscription cost. If I recall correctly, dc3dd is the default imaging tool when utilizing the Windows Live Acquisition part of the CD.
Eric Smith was a great facilitator, and the learning environment was great. I loved the classroom they had setup, there were very few glitches, and the workstations were configured correctly, so diving right into some hands on was very very easy.
Portland is a pretty cool place. I lucked out and @Jerod on twitter showed me around town Tuesday night. McMenamins had great beer, and Papa Haydn’s had the best cake I have ever eaten.
Now to get some more sleep. 