Chad Tilbury

Chad Tilbury has over 15 years experience investigating computer crimes, specializing in intrusion incident response, digital forensic examinations, and corporate espionage. His extensive law enforcement and international experience stems from working with a broad cross-section of Fortune 500 corporations and government agencies around the world. As faculty with the SANS Institute in digital forensics, Chad is responsible for educating thousands of students each year in advanced forensics and incident response techniques. As Technical Director for CrowdStrike, Chad provides leadership for the services team, driving innovation to support customers in a variety of offerings. Chad is a graduate of the U.S. Air Force Academy and holds a M.S. and B.S. in Computer Science and GCFA, GREM, GCIH, ENCE, and CISSP certifications.

Reconnaissance Detection (Blue Team)

As we move through this Red Team vs. Blue Team series, our intent is to provide insight into both sides of the…

Investigating PowerShell: Command and Script Logging

PowerShell is becoming ubiquitous in the Microsoft ecosystem, and, while it simplifies administration, it opens up a nearly unprecedented suite of capabilities…

CrowdResponse Application Execution Modules Released

January 19, 2015
Chad Tilbury
From The Front Lines, Research & Threat Intel

As the user base of CrowdResponse multiplies, we see a steady stream of requests from active users. Many use the tool for…

Registry Analysis with CrowdResponse

The third release of the free CrowdResponse incident response collection tool is now available! This time around we include plugins that facilitate the collection…

Mo’ Shells Mo’ Problems – Web Server Log Analysis

Disclaimer: CrowdStrike derived this information from investigations in unclassified environments. Since we value our clients’ privacy and interests, some data has been redacted…