Whatever malware is doing on a computer, the code to carry out its activity has to be in the random access memory (RAM). No wonder that investigating transient memory has become a hot topic in IT forensics over the last decade.
The previous webinar covered the basic, agnostic technique of acquiring memory through the use of kernel drivers and copying tools. However, it required access to the operating system with root or administrator privileges. This webinar covers advanced techniques that will relinquish some of these preconditions and are in some cases be better suited for doing the job of memory acquisition.