Part 3: Advanced macOS artifacts – Understand and Analyze Unified Logs and KnowledgeC with Inspector - Cellebrite
Webinar  |  On Demand
Computer Access and Analysis Solutions

Part 3: Advanced macOS artifacts – Understand and Analyze Unified Logs and KnowledgeC with Inspector

Ask the Expert - UFED Physical Analyzer
Thank you for submitting the form.
Your webinar is now available.

Aired: June 16, 2021
Duration: 1 Hour

Watch Part 1 here
Watch Part 2 here

In part three, Bruce Hunter,  Senior Trainer Developer at Cellebrite, will dive deep into Apple’s® Unified Logs and Inspector’s APOLLO plugin.  First, we will learn how to construct filters in Inspector to maximize your analysis and get the most out of this power forensic artifact.  Then, we’ll wrap up with a deep dive on how to analyze macOS using Cellebrite Inspector’s APOLLO plugin. On macOS, many of these same databases exist, but there is a whole new opportunity to look into Mac-specific artifacts.   

At the end of Part 3, you’ll be able to:

  • Recognize the value of unified logs in macOS investigations
  • Construct filters in Cellebrite Inspector to maximize unified log analysis
  • Realize the value of the APOLLO plugin in macOS investigations
  • Effectively use Cellebrite Inspector together with the APOLLO plugin to gain insight into the computer usage

Speakers

  • Bruce Hunter Senior Trainer Developer at Cellebrite

Speaker