SANS Digital Forensics and Incident Response Blog

Have any training budget left for this year? Add a forensic analyst to your team!

One trend we are seeing over and over again this year is that even well resourced incident response teams appear to be lacking a strong forensic analysis capability. Many teams simply do not have the ability to quickly and efficiently find and analyze malware present within their enterprise. With threats like the APT (Advanced Persistent Threat) increasing, it seems like a forgone conclusion that every incident response team should have a forensic analyst as well as someone skilled in malware reverse engineering. If you have experiences that agree or disagree with this assertion, please share them!

If you have training funds available for 2009 there are still several SANS forensics classes scheduled. As an added bonus, classes tend to be smaller this time of year, allowing for even more individual attention.

Most of the upcoming events for all the Digital Forensic Courses and training that SANS offers can be found at the upcoming events page of the Computer Forensics Website.

Vancouver
http://www.sans.org/vancouver09/description.php?tid=3667

Colorado Springs
http://www.sans.org/coloradosprings09_cs/description.php?tid=3667

Tucson
http://www.sans.org/tucson09_cs/description.php?tid=3667

Washington D.C.
http://www.sans.org/cyber-defense-initiative-2009/category.php?c=SEC&pcs=2

Do not want to travel?

SEC408, Computer Forensic Essentials is being taught by Rob Lee via vLive starting on Nov 30, 2009.

http://www.sans.org/vlive/details.php?nid=20023