April 2017 Meeting

Daniel Nowak will be presenting Cross Domain Hunting: Taking Investigations across the Human to Digital Divides.

Wednesday, April 12.
9 A.M. – 12 P.M.
University of Phoenix, Tempe

Be sure to register, as seating is limited.

Daniel has spent two decades deep in the trenches of the global security community crafting the strategy that has lead organizations into battle against hackers, malware, malicious insiders and human error. Daniel has extensive experience in the development of visionary security products and solutions, execution of technology partnerships & sales channels, as well as the operational nuances and strategic business structures required to effectively run multi-national operations.

Daniel has served in many leadership positions throughout varied corporate landscapes ranging from the world of Big-4 and boutique security consulting, to security management at global holding companies, into the heart of SaaS providers, developing an intelligence focused security practice at a $800m federal integrator, most recently bootstrapping intelligence focused technology and service startups.

From packets to people, Daniel has navigated the broad spectrum of security postures and responses to security related events in the enterprise, government agencies, law enforcement and military agencies. Organizations ranging from the US Fedgov to Fortune 100, NGOs and LE agencies have requested briefings both stateside and internationally. From world of the road warrior to the corporate board, these experiences have provided Daniel the perspective to be an effective catalyst and agent of change in shaping organizations to function in an increasingly unstable global community.


February 2017 Meeting

We are fortunate to have David Cowen presenting live at our February 2017 meeting on file system forensics and evidence correlation.  

The Wednesday, February 8th meeting will be held between 9am and 12noon at the University of Phoenix in Rooms 301/302.  You can find more details on the event at the Eventbrite link below.

We are expecting a good turnout, so please be sure to register via the link below.  


This meeting is not to be missed!

David’s contributions to digital forensics community include:

If you haven’t subscribed to the Forensic Lunch or checked out the open source tools on his GitHub repository, please make sure to do so.

December Luncheon

This year’s Christmas luncheon will be different than past years. We will be holding the luncheon on Wednesday, December 14th at 10AM at Aunt Chilada’s, 7330 N Dreamy Draw Dr, Phoenix, AZ 85020. However, for this year, AZHTCIA members will eat FREE!  Approved guests are welcome, but there will be a charge of $20.  There will be no drawing or prizes this year.

Things That Work – 2016:

In lieu of a speaker and as a way to foster one of the key tenets of HTCIA (information sharing and collaboration), our luncheon will begin with an informal “Things That Work” session.  Every member is encouraged to share a tip, trick, lesson learned, or any other useful bit information from their last year in the field.  It can be mounting a new image format like AFF or VHDX, a tool you used or a script you wrote that helped you piece together evidence, or a the nuances of issuing a subpoena or search warrant to a certain kind of organization.


None of us have seen it all.  We all struggle from time-to-time on cases.  What may seem trivial to you could save one of your colleagues a mountain of time.  We all have something to give, so don’t be shy.  There will be a sign-up sheet at the door, so please be sure to sign-up and contribute.


On the flip side, also give some thought to any areas that you’d like to know more about or to refine your workflow with.  There may be something that you feel you’re spending too much time on that someone else may have already solved.  There will be another sign-up sheet at the door for questions, and we’ll also use this sheet to try to help focus the 2017 speaker presentations.


Some examples of contributions and questions are:  This year, Mike Lombardi found a way to perform reverse searching of videos and experimented with some iPhone spyware that doesn’t require the phone to be jailbroken.  Spoiler alert:  The video search is often helpful, the iPhone app not so much.  On the other hand, he still hasn’t found a good way to search an array of domain names all at once; like cross-referencing all of the domains found in a log with a list of known bad domains.

Election for 2017 Chapter Board:

Because we did not hold a vote for whether our election would be held via mail-in ballots or electronically, we have not been able to hold our election yet and will be voting on our voting method this meeting.  We are still seeking nominees for the positions of 1st Vice President, 2nd Vice President, Treasurer, and Secretary.  Nominations will be accepted at the meeting and self-nominations are acceptable.  Candidates must be HTCIA members in good standing.  Election for the 2017 board will be held in January after a waiting period established by our bylaws.

I hope to see you there.

August 2016 Meeting

The next AZHTCIA meeting will be held on Wednesday, August 10th, from 9am to noon at:
Phoenix Police Department
Family Advocacy Center Community Room
2120 N Central Ave
Phoenix, AZ 85004
  • IMPORTANT: Please park in the overflow parking lot, which is marked in the upper left corner on the attached map. Street parking in front of the building is limited and should be reserved for crime victims who have appointments at the center.

Barry Cogan will be our August guest speaker and will be presenting on Web Application Hacking 101 – Penetration Testing Your Company Websites for Vulnerabilities.

We will introduce the attendees to Web Application Penetration testing using Open Source/ Freely available tools. By the end of the talk you should leave knowing:

  • the current top 10 web application vulnerabilities,
  • how to perform basic manual discovery and verification,
  • and run automated web application scanners against your applications

This talk will serve as the foundation for more advanced web application hacking talks should the group want more on the subject.

If you wish to follow along in practice (recommended)  Download the following tools:

Speaker Biography – Barry Cogan:
Irish Native. Software Engineer for over a decade. Became a full time penetration tester in early 2014.  SANS GWAPT certified in 2015.  Currently employed with RiskSense Inc.


We hope to see you there!