Traditional incident response handling only analyzes hard drives and misses valuable evidence stored in volatile memory. This talk will showcase the power of memory forensics and demonstrate through real-world scenarios why it should be a part of every investigation. These scenarios will include Windows infected with advanced malware, compromised Linux servers and malicious Android app analysis.