Hal Pomeranz is the Founder and Principal Consultant for Deer Run Associates with over 25 years of cyber security experience. As a digital forensic investigator, Hal has consulted on cases ranging from intellectual property theft, to employee sabotage, to organized cybercrime, and malicious software infrastructures. He has worked with law enforcement agencies in the United States and Europe, and with global corporations.
While perfectly at home in the Windows and Mac forensics world, Hal is a recognized expert in the analysis of Linux and Unix systems, and has made key contributions in this domain. His EXT3 file recovery tools were the direct result of an investigation, recovering data that led to multiple indictments and successful prosecutions. His research on EXT4 file system forensics provided a basis for the development of open source forensic support for this file system. Hal has also contributed a popular tool for automating Linux memory acquisition and analysis.
Hal is a SANS Faculty Fellow and SANS’ longest tenured instructor and primary instructor for the Securing Linux/Unix (SEC506) course. Hals is also a regular contributor to the SANS Digital Forensics and Incident Response blog and co-author of the Command Line Kung Fu blog.
In this episode we discuss Linux and Unix forensics, his start at Bell Labs, helping others in the industry, data enterprises should collect, running your own security firm, and so much more.
Where you can find Hal: