Memory Forensics with Hyper-V Virtual Machines

Watch Now
Provided by:
Topic: Software
Format: Webcast
With the increased demand for memory forensics and more people using Windows Hyper-V as a hypervisor it's critical the DFIR community follows the proper triage process. Much like ESXi stores a .vmss file for each virtual machines memory Hyper-V stores them in a .bin and .vsv file, however currently it's not as simple to preform memory analysis on these files.
Watch Now

Find By Topic