BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//7QMJER
BEGIN:VTIMEZONE
TZID:EET
BEGIN:STANDARD
DTSTART:20000101T000000
RRULE:FREQ=YEARLY;BYMONTH=1;UNTIL=20001231T220000Z
TZNAME:EET
TZOFFSETFROM:+0200
TZOFFSETTO:+0200
END:STANDARD
BEGIN:STANDARD
DTSTART:20021027T050000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:EET
TZOFFSETFROM:+0300
TZOFFSETTO:+0200
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20020331T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:EEST
TZOFFSETFROM:+0200
TZOFFSETTO:+0300
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-bsides-tallinn-2025-7QMJER@pretalx.com
DTSTART;TZID=EET:20250925T110000
DTEND;TZID=EET:20250925T114500
DESCRIPTION:Traditional forensic acquisitions create bottlenecks in inciden
 t response\, requiring specialized expertise and significant time that del
 ays investigations. This presentation introduces an automated forensic tri
 age workflow using open-source tools to accelerate response operations.\n\
 nThe workflow utilizes a Velociraptor offline collector to acquire forensi
 c triage images\, automatically uploaded to cloud storage. This triggers a
 n OpenRelik workflow that processes triage data using tools like Hayabusa 
 and Plaso/log2timeline\, with AI-powered analysis and summarization. The p
 rocessed output is uploaded to Timesketch for collaborative analysis.\n\nS
 everal DFIR datasets will be used to show the automation pipeline from ini
 tial collection to timeline analysis. The workflow reduces time-to-analysi
 s from hours to minutes while maintaining forensic integrity.\n\nAttendees
  will learn to implement automated triage workflows and integrate multiple
  open-source tools into investigation pipelines. This targets incident res
 ponders\, digital forensics practitioners and anyone in the security commu
 nity looking to streamline forensic operations.
DTSTAMP:20251016T114456Z
LOCATION:Stage 1
SUMMARY:From Hours to Minutes: Automating Incident Response Triage with Ope
 n-Source Tools - Markus Einarsson
URL:https://pretalx.com/bsides-tallinn-2025/talk/7QMJER/
END:VEVENT
END:VCALENDAR