MongoDB, Elasticsearch, and CouchDB. With the explosive
growth of these solutions, it’s only a matter of time before you
run into them on your next engagement. Wouldn’t you like to
know what to do with them?
Using a combination of log analytics and an understanding of
core functions of these databases, attendees will learn how to
examine NoSQL artifacts for user activity and data interaction.
We’ll begin with basic CRUD operations to understand how
information is logged, and then expand upon artifact analysis
to trace user sessions, attribute activity to particular users, and
even trace sessions to unique IPs. We’ll also examine artifacts
from RESTful interfaces of NoSQL databases, understanding
how users don’t need to access a machine to interact with data.
This session promises to offer attendees, both new and
experienced, a new perspective on NoSQL databases, artifacts,
and forensic analysis.