SANS Digital Forensics and Incident Response Blog: Category - Computer Forensics and IR Summit

The new version of SOF-ELK is here. Download, turn on, and get going on forensics analysis.

We are excited to announce the release of an all-new version of the free SOF-ELKŪ, or Security Operation and Forensics ELK virtual machine. Now based on the new version of the Elastic Stack, SOF-ELK is a complete rebuild that is faster and more effortless than its predecessors, making forensic and security data analysis easier … Continue reading The new version of SOF-ELK is here. Download, turn on, and get going on forensics analysis.


Top 11 Reasons Why You Should NOT Miss the SANS DFIR Summit and Training this Year

The SANSDFIR Summit and Training 2018is turning 11!The 2018 event marks 11 years since SANS started what is todaythedigital forensics and incident response event of the year, attended by forensicators time after time. Join us and enjoy the latest in-depth presentations from influential DFIR experts and the opportunity to take an array of hands-on SANS … Continue reading Top 11 Reasons Why You Should NOT Miss the SANS DFIR Summit and Training this Year


SANS Threat Hunting and Incident Response Summit 2018 Call for Speakers - Deadline 3/5

Summit Dates:September 6 & 7, 2018 Call for Presentations Closes onMonday, March 5, 2018 at 5 p.m CST Submit your presentation here The Threat Hunting & Incident Response Summit will focus on specific hunting and incident response techniques and capabilities that can be used to identify, contain, and eliminate adversaries targeting your networks. SANS … Continue reading SANS Threat Hunting and Incident Response Summit 2018 Call for Speakers - Deadline 3/5


Meltdown and Spectre - Enterprise Action Plan

Meltdown and Spectre - Enterprise Action Plan by SANS Senior Instructor Jake Williams Blog originally posted January 4, 2018 by RenditionSec MELTDOWN SPECTRE VULNERABILITIES Unless you've been living under a rock for the last 24 hours, you've heard about the Meltdown and Spectre vulnerabilities. I did a webcast with SANS about these vulnerabilities, how they … Continue reading Meltdown and Spectre - Enterprise Action Plan


WannaCry Ransomware Threat : What we know so far - WEBCAST slides

The WannaCry ransomware worm is unprecedented for two reasons. First, it's a ransomware worm. Second, it appears to be using a recently patched exploit that was stolen from NSA to propagate. Jake Williams' firm, Rendition Infosec, has been tracking the use of this exploit since it was publicly released and completed another internet-wide scan of … Continue reading WannaCry Ransomware Threat : What we know so far - WEBCAST slides