What if there was a better way? What if examiners could get to critical data quicker? What if the digital data could inform the interview questions? Typically, investigators do not collect or analyze memory in criminal/end-user investigations. Acquiring and analyzing memory is rapid. This means results from the acquisition and analysis of your memory collection can be completed long before the drive finishes imaging. Aaron Sparling, @osintlabworks, Digital Forensics Examiner, Portland Police Bureau Jessica Hyde, Director of Forensics, Magnet Forensics; Adjunct Professor, George Mason University DFIRCON 2020 - Live Online Virtual, US Eastern | Mon, Nov 2 - Sat, Nov 7, 2020 Courses Available: FOR308: Digital Forensics Essentials - NEW FOR498: Battlefield Forensics & Data Acquisition FOR500: Windows Forensic Analysis FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics FOR518: Mac and iOS Forensic Analysis and Incident Response FOR572: Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response FOR578: Cyber Threat Intelligence FOR585: Smartphone Forensic Analysis In-Depth FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques