2025-08-10 –, Cassiopeia
Language: English
In this WHY2025 session, we aim to explore advanced forensic recovery techniques for Synology Disk Station Manager (DSM). We’ll analyze how DSM handles data at the system/OS level, uncover hidden artifacts, and leverage undocumented features crucial to digital forensics. Our findings, detailed in an accompanying whitepaper, guide attendees through best practices and highlight previously unknown methods for evidence collection.
In this WHY2025 session, Mischa van Geelen from Anovum — will unveil the latest research on Synology Disk Station Manager (DSM) forensic recovery methods. Drawing on extensive, hands-on investigations, we will dissect the internal architecture of Synology NAS systems, illuminating the processes that manage data and metadata within DSM.
Through practical demonstrations and real-world case studies, we will explore hidden artifacts, undocumented features, and recovery techniques that empower investigators to retrieve critical evidence/recover data. From recovering volume structure to rebuilding RAID, attendees will gain unique insights into extracting and preserving digital footprints that remain invisible to most forensic tools.
The session will also address common challenges such as encrypted volumes, RAID complexities, and undocumented OS and device capabilities. By shedding light on these topics, we aim to help security professionals, incident responders, and forensic specialists strengthen their investigative practices.
Join this session to discover how a deeper understanding of DSM’s inner workings can make the difference between inconclusive evidence and a breakthrough in your next digital forensics case.
Hi! I’m Mischa Rick van Geelen, founder of Anovum B.V., a leading cybersecurity company. I have investigated and resolved large-scale cyber incidents, including the attacks on Hof van Twente and ROC Mondriaan (publicly documented), and have been involved in numerous anonymous incidents. Additionally, I conducted the penetration test on the CoronaMelder app, with the results submitted to the Dutch Parliament, and I actively contribute to the development of the MIAUW methodology.
As a security consultant, incident responder, and digital forensic investigator, I help organizations strengthen their IT security, investigate incidents, and resolve issues. My expertise includes secure software development, network security, and the implementation of EDR/XDR solutions. I also provide workshops and lectures to enhance cybersecurity awareness.