Day 1

Turning backups into gold: Backup Alchemy for OT

Session complexity:
13:35 - 14:00

This talk is a collaboration between Fox-IT and Airbus. Airbus has recently released The BackupAlchemy Tool (T-BAT), their open-source tool for turning backups into a gold mine of information. With T-BAT, Airbus has been able to provide insight into their Operational Technology (OT) environments in ways that were previously not possible, solving not just cybersecurity problems, but also operational ones.

Two years ago, Dissect was released as open-source software. Primarily designed as a digital forensics and incident response framework, Dissect continues to change the game for incident responders and forensic analysts around the world. At ONE 2023, we shared Dissect with you from an incident response perspective, but what else can you use Dissect for?

Join us as we share some real-world examples of unexpected situations where we’ve applied Dissect. From agent-less security monitoring in OT environments, to getting Domain Administrator privileges through a hypervisor.

The goal of this presentation is to provide the audience with insights on how to creatively apply open-source tools to different problem sets based on their capabilities, not their intended use-cases.

Speakers in this session

Erik Schamper

Falk Lindner