SANS Digital Forensics and Incident Response Blog: Author - SANS Institute

Weekly Computer Forensics Hangouts with David Cowen

David Cowen's weekly "forensic lunch" video hangouts bring together digital forensics and incident response practitioners. Tune in to join the discussion and catch up on the latest industry happenings. Continue reading Weekly Computer Forensics Hangouts with David Cowen


FOR526 (Memory Forensics) Course Updates - Live at DFIRCON!

Alissa Torres and Jake Williams recently updated the material in FOR526 just in time for DFIRCON. Previously, FOR526 focused largely on malware investigations. However, this new revision places new emphasis on misuse/criminal investigations and those investigations where malware may not have been used. We see a lot of those cases now, where by the time … Continue reading FOR526 (Memory Forensics) Course Updates - Live at DFIRCON!


Announcing the #DFIRCON Photo Contest - Chance to Win a Free Simulcast Course


Introducing Mac Forensics: The new SANS #DFIR course in BETA starting in April, 2014

Vienna, VA | Tue Apr 22 - Sun Apr 27, 2014 Digital forensic investigators have traditionally dealt with Windows machines, but what if they find themselves in front of a new Apple Mac or iDevice? The increasing popularity of Apple devices can be seen everywhere, from coffee shops to corporate boardrooms, yet most investigators are … Continue reading Introducing Mac Forensics: The new SANS #DFIR course in BETA starting in April, 2014


Deadline Approaching - APT Malware and Memory Challenge #DFIRCON

DEADLINE 31 Jan 2014 — Winner Announced - 3 Feb 2014 DFIRCON APT Malware & Memory Challenge The memory image contains real APT malware launched against a test system.Your job? Find it. The object of our challenge is simple: Download the memory image and attempt to answer the questions. To successfully submit for the contest, … Continue reading Deadline Approaching - APT Malware and Memory Challenge #DFIRCON