Andrew Case

Core Developer, Volatility Foundation

Case is a senior incident response handler and malware analyst. He has conducted numerous large-scale investigations that span enterprises and industries. Case's previous experience includes penetration tests, source code audits, and binary analysis. Case is the co-developer of Registry Decoder, a National Institute of Justice funded forensics application, as well as a developer on the Volatility memory analysis framework. He is a co-author of the highly popular and technical forensics analysis book "The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory". He has delivered trainings in the fields of digital forensics and incident response to a number of private and public organizations as well as at industry conferences. Case's primary research focus is physical memory analysis, and he has published a number of peer-reviewed papers in the field.

Phase 3 - Zero-Day Threats, Known Vulnerabilities and Anomaly Detection

Archived Session

Andrew Case - Volatility Foundation, Michael Sutton - Zscaler
