SANS Windows Memory Forensics Training (FOR526) — Knocks it out of the park!
Jesse Kornblum and Alissa Torres just finished up their first official course dedicated to Windows Memory Forensics at the SANS Institute at SANS2013 in Orlando. The course teaches key techniques used by actual practitioners in the field who use them in their jobs daily -- using memory forensics to find evil and doing a great job at it. The key to this course is that, like all SANS training, it is not tool dependent but teaches the fundamentals that each analyst should know when responding to incidents with these skills.
SANS is offering a 10%
Earlier this year, SANS created the most in-depth incident response training scenario that spans multiple systems in FOR508: Advanced Forensic Analysis and Incident Response. We discussed the entire scenario in a blog titled: "Is Anti-Virus Really Dead? A Real-World Simulation Created for Forensic Data Yields Surprising Results"
One of the biggest complaints that many have in the DFIR community is the lack of realistic data to learn from. Starting a year ago, I planned to change that through creating a realistic scenario based on experiences from the entire cadre of instructors at SANS and additional experts who reviewed and advised the attack "script". We created an incredibly rich and
We are pleased to report the successful introduction of Access Data's Forensic Toolkit (FTK) v4 into the SANS FOR408 Course (Computer Forensic Investigations - Windows In-Depth). While students have access to well over a hundred free and open source tools during the course, we also felt it important for them to gain an understanding of the capabilities of commercial tool suites. There is no one tool that can accomplish everything during a forensic examination, but in many cases a forensic suite can greatly speed up case processing and analysis. Hence, commercial tools like Guidance EnCase, Magnet Forensics Internet Evidence Finder, and Access Data FTK are all part of
It begins on Day 0: A 3-4 letter government agency contacts your organization about some data that was found at another location. Don't ask us how we know, but you should probably check out several of your systems. You are compromised by the APT.
Most organizations are left speechless as 90% of all intrusions are now discovered due to 3rd party notification. And in many cases, the APT has been on your network for years.
Learn how to hunt for the APT in this completely brand new training course from SANS - FOR508: Advanced Incident Response and Forensics Course.
The NEW FOR508 APT-based course debuted at SANS Security West
Memory analysis skills are one of the most in-demand skills for digital forensics, incident response, and malware analysts today. This August, SANS is introducing a brand new 5-day class dedicated to Windows Memory Forensics. The hands-on course, written by memory forensics pioneer Jesse Kornblum, is incredibly comprehensive and SANS is proud to offer it in the DC area as a beta preview course.
There are numerous benefits to taking the class early. First, you get to see the new material before anyone else. Second, the course is heavily discounted for the beta preview class so we can get feedback and fix anything in the course prior to the official release later this year. Having been to SANS events previously, we wanted to specifically invite you to attend this preview and see the new material before anyone else.
Washington D.C. — Metro Accessible
Aug 27th — 31st,