This session presents a high-impact approach to Windows digital forensics by prioritizing the two richest sources of evidence on the system: the Windows event logs and the artifacts stored inside individual user profiles. The event logs (the legacy EVT format on older systems, EVTX on Windows Vista and later) supply a timestamped, chronological record of system activity, while the user-profile artifacts (the NTUSER.DAT registry hive, recent-file lists and similar files) reveal what a specific account actually did. The discussion contrasts the exhaustive "deep-dive" method, in which every artifact is collected and parsed, with a triage-focused strategy that identifies which files offer the highest investigative return for the time spent. Attendees will learn how to streamline their collection process to capture the essential evidence without getting lost in low-value data.
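As an added illustration of the triage-focused collection the abstract describes (this is example code written for this page, not material from the session or the speaker), the following PowerShell script exports a short list of high-value event-log channels with the built-in wevtutil tool and copies a handful of per-profile artifacts, then writes a SHA-256 manifest of everything collected. The destination path, the channel list and the artifact list are my assumptions about what a triage pass should grab; adjust them to the case. It must be run from an elevated prompt on the host being examined.

```powershell
# Added example (not from the session): triage collection of high-value Windows evidence.
# Run from an elevated PowerShell prompt on the target host.
# The destination folder, channel list and artifact list below are assumptions for this example.
param(
    [string]$Dest = "C:\Triage\$($env:COMPUTERNAME)_$(Get-Date -Format yyyyMMdd_HHmmss)"
)
$ErrorActionPreference = 'Stop'
New-Item -ItemType Directory -Path "$Dest\EventLogs" -Force | Out-Null
New-Item -ItemType Directory -Path "$Dest\Users" -Force | Out-Null

# High-return event-log channels. Names are the standard Windows channel names;
# the Sysmon channel only exists where Sysmon is installed, so absent channels are skipped.
$Logs = @(
    'Security', 'System', 'Application',
    'Microsoft-Windows-PowerShell/Operational',
    'Microsoft-Windows-Sysmon/Operational',
    'Microsoft-Windows-TaskScheduler/Operational',
    'Microsoft-Windows-TerminalServices-LocalSessionManager/Operational',
    'Microsoft-Windows-WMI-Activity/Operational'
)
foreach ($Log in $Logs) {
    if (-not (Get-WinEvent -ListLog $Log -ErrorAction SilentlyContinue)) {
        Write-Warning "Channel not present, skipping: $Log"
        continue
    }
    # 'wevtutil epl' exports a live channel to a standalone .evtx file without stopping the service.
    $Out = Join-Path "$Dest\EventLogs" (($Log -replace '[\\/]', '_') + '.evtx')
    & wevtutil.exe epl $Log $Out
}

# Per-profile artifacts, relative to each profile root. NTUSER.DAT and UsrClass.dat are locked
# while that user is logged on; a failed copy is reported so the examiner knows to fall back
# to a Volume Shadow Copy for that hive instead of silently missing it.
$UserArtifacts = @(
    'NTUSER.DAT',
    'AppData\Local\Microsoft\Windows\UsrClass.dat',
    'AppData\Roaming\Microsoft\Windows\Recent',
    'AppData\Roaming\Microsoft\Windows\PowerShell\PSReadLine\ConsoleHost_history.txt'
)
foreach ($UserProfile in Get-ChildItem 'C:\Users' -Directory) {
    $UserDest = Join-Path "$Dest\Users" $UserProfile.Name
    foreach ($Rel in $UserArtifacts) {
        $Src = Join-Path $UserProfile.FullName $Rel
        if (-not (Test-Path $Src)) { continue }
        $Target = Join-Path $UserDest $Rel
        New-Item -ItemType Directory -Path (Split-Path $Target) -Force | Out-Null
        try {
            Copy-Item -Path $Src -Destination $Target -Recurse -Force
        } catch {
            Write-Warning "Locked or unreadable: $Src ($($_.Exception.Message))"
        }
    }
}

# SHA-256 manifest of the collection so its integrity can be verified later.
# -Force is needed because the copied NTUSER.DAT keeps its hidden attribute.
Get-ChildItem $Dest -Recurse -File -Force |
    Get-FileHash -Algorithm SHA256 |
    Select-Object Hash, Path |
    Export-Csv -Path "$Dest\manifest.csv" -NoTypeInformation
```

The point of the channel list is the triage trade-off the session describes: a full image captures everything, but these eight channels plus the per-user hives and recent-file lists answer most "what ran, when, and as whom" questions in minutes, and the manifest preserves the chain of custody for anything that later has to be examined in depth.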
GDI Manager at Rockwell Automation
25+ Years as a Computer Forensic Examiner