is the digital forensicator and incident responder behind the DFIR Definitive Compendium Project. Currently employed as an Associate Managing Director with Kroll’s Cyber Security and Investigations practice. Devon (@AboutDFIR) is an authority on digital forensics and incident response and has extensive experience in the investigation and remediation of cyber-related threats and incidents from his years with the Federal Bureau of Investigation as well as in the private sector. Devon joined Kroll from the FBI, where he was a Supervisory Special Agent and Senior Digital Sciences Forensics Examiner in the Digital Evidence Field Operations Unit of Operational Technology Division. In this role, he had responsibility for oversight and coordination in FBI Digital Forensics-related field operations across the United States, spanning a variety of matters such as domestic terrorism, mass shootings, critical incident response events, and large-scale electronic evidence collections. In addition, Devon has provided expert witness testimony in federal and state courts. Devon has collaborated on the development of a number of widely used forensic tools. He was also the course material revision architect and co-author of approximately 80 hours of instructional material for the FBI’s CART Tech Certification program and Digital Evidence Extraction Technician (DExT) training curriculums and has been published in PenTest Magazine. In addition to presenting on technical topics to colleagues, computer scientists, and forensic examiner trainees at the FBI Academy in Quantico, Devon has spoken at numerous industry and educational conferences. He began his career with the FBI in 2008, where he later co-founded the FBI’s first North Carolina Cyber Security and Intrusion Working Group (eShield). Before joining the FBI, Devon owned and operated his own technical services firm for six years, specializing in managing the technology needs of corporate clients, to include desktop, laptop, and server IT solutions.
Mary Ellen Kennel
is a current contributor to the DFIR Definitive Compendium Project as of 2017 and is employed as Vice President, Incident Response in the Financial Industry. Prior to her current work, Mary Ellen (@icanhaspii) was a Senior Cyber Threat Analyst at First Data and before that a Senior Consultant with AccessData’s Incident Response and Digital Forensics Professional Services Division. Mary Ellen has over 10 years of experience in the field and has performed numerous investigations for Fortune 500 companies regarding possible hacking, breach, ip-theft, and data compromise. Her tasks and responsibilities include analysis of the evidence for case relevance, documentation of case findings, malware analysis, and executive summary report writing. Mary Ellen has been published and featured in “Hakin9” Magazine, and has been awarded “Super Honorable Mention” from the annual SANS Holiday Hack Challenge. Mary Ellen is adept at relaying technical terms to non-technical people and has presented to the United States Secret Service and the United States Postal Inspectors. Mary Ellen was a contributing author for SANS Institute’s SEC565 “Data Leak Prevention” course and has held the role of SANS Advisory Board Member. She is a graduate of NYU’s IT Security program with a GPA of 4.0; courses including but not limited to: Advanced IT Security, Fast Track CISSP, Firewalls/Packet Analysis, and Network Intrusion Detection: Hacking Understood. Lastly, Mary Ellen is a Mennonite from Lancaster County and author of the Manhattan Mennonite Blog, and she once won an award for building a computer from scratch in 10 minutes and 38 seconds.