DEFCON 25 presentation. An overview of the basis for needing memory integrity validation (secure hash) checks of a running VM. Edit memory through python scripting. Enhance timeline assurances that you have not missed events with multiple complementary event sources.