A two-day workshop on memory forensics, memory analysis, triage, and the workflow for live RAM analysis was held at the Amrita Center for Cyber Security Systems & Networks, Amrita University from February 11-12, 2016. The workshop was led by Monnappa K.A., Information Security Investigator of CISCO Systems.
The workshop was attended by over 100 professionals, faculty and research scholars in cyber security, including faculty members and graduate scholars. It covered detailed discussions on tools for analysis, various artefacts found during analysis, and how such artefacts can be correlated with traditional forensics.
Monnappa K.A is based out of Bangalore, India. He works with Cisco Systems as Information Security Investigator focusing on threat intelligence and investigation of advanced cyber attacks. He is a core member of security research community "SecurityXploded". His fields of interest include malware analysis, reverse engineering, memory forensics and threat intelligence. He is an active speaker in the Bangalore security community and Null meetings and has presented on various topics which include "Memory Forensics", "Advanced Malware Analysis", "Rootkit Analysis", and "Sandbox Analysis". He has authored various articles related to "Malware Analysis" and "Memory Forensics" in the Hakin9 and eForensics magazines. Very recently, he did a presentation at Black Hat Europe on "Automating Linux Malware Analysis Using Limon Sandbox" and "Memory Forensics". He also conducted training on "Reversing and Deciphering Cyber Espionage Malware communications" at 4SICS /FIRST SCADA/ICS cyber security conference in Stockholm Sweden.