BlackLight and APOLLO: How to Use Apple Pattern-of-Life Data in Your Investigations
BlackLight now has APOLLO framework built in as a plugin to make it even easier for investigators to get the most out of their data. Pattern-of-life data can be used in many types of investigations to get extremely detailed information from device users. What application was a user using three weeks ago? Where has the user been? Was the user walking, running, or sleeping at a given time? Was the user driving distracted, were they parked or moving? Querying and correlating the databases that keep track of these details can help examiners answer a myriad of investigative questions.
- Overview of Pattern of Life
- Overview of APOLLO
- BlackLight Integration of APOLLO
- Pattern of Life Examples using BlackLight
- Application Usage
- Device Usage
Join BlackBag’s Senior Digital Forensics Researcher, Sarah Edwards, as we dive into this extremely detailed data to make the most out of your investigations.
About our BlackBag Presenter:
Sarah Edwards, Senior Digital Forensics Researcher
Sarah is a Senior Digital Forensics Researcher at BlackBag Technologies working in the DC metro area specializing in Mac and Mobile Forensics. She has worked with various federal law enforcement agencies and has performed a variety of investigations including computer intrusions, criminal, and counter intelligence/terrorism/narcotics. Sarah’s research interests include anything and everything Apple related, mobile devices, digital profiling, and Mac and mobile device security. Sarah has presented at many industry security and forensic conferences and is the author/instructor of SANS FOR518 Mac Forensic Analysis and Incident Response
Register below to watch on-demand now.