Chad Tilbury

Chad Tilbury has over 15 years of experience investigating computer crimes, specializing in intrusion incident response, digital forensic examinations, and corporate espionage. His extensive law enforcement and international experience stems from working with a broad cross-section of Fortune 500 corporations and government agencies around the world. As faculty with the SANS Institute in digital forensics, Chad is responsible for educating thousands of students each year in advanced forensics and incident response techniques. As Technical Director for CrowdStrike, Chad provides leadership for the services team, driving innovation to support customers in a variety of offerings. Chad is a graduate of the U.S. Air Force Academy and holds an M.S. and B.S. in Computer Science and GCFA, GREM, GCIH, ENCE, and CISSP certifications.

Articles from Chad

Reconnaissance Detection (Blue Team)

As we move through this Red Team vs. Blue Team series, our intent is to provide insight into both sides…

Investigating PowerShell: Command and Script Logging

PowerShell is becoming ubiquitous in the Microsoft ecosystem, and, while it simplifies administration, it opens up a nearly unprecedented suite…

CrowdResponse Application Execution Modules Released

As the user base of CrowdResponse multiplies, we see a steady stream of requests from active users. Many use the…

Registry Analysis with CrowdResponse

The third release of the free CrowdResponse incident response collection tool is now available! This time around we include plugins that facilitate…

New CrowdResponse Modules

During his talk at this year’s RSA conference, George Kurtz introduced a new free community tool named CrowdResponse. CrowdResponse is…

Mo’ Shells Mo’ Problems – Web Server Log Analysis

Disclaimer: CrowdStrike derived this information from investigations in unclassified environments. Since we value our clients’ privacy and interests, some data has…

Post-Snowden Forensics

It has been over six months since Edward Snowden’s unprecedented NSA leaks, and we are still a long way from…

 
