Recon InfoSec CTO, Eric Capuano, performs a hands-on demonstration of a live incident response against a compromised environment using nothing but the free and open source Velociraptor agent. Gain exposure to this incredibly powerful tool and many of its most common use-cases for IR, including use of notebooks for analysis and enrichment.
Notebook examples can be found here: https://gist.github.com/ecapuano/daee6f3704273c2c8b527f522c1725db