SANS Digital Forensics and Incident Response Blog: Category - Computer Forensics and IR Summit

SANS Threat Hunting and Incident Response Summit 2019 Call for Speakers - Deadline 5/6

Summit Dates: September 30 & October 1, 2019 Call for Presentations Closes on Monday, May 6, 2019 at 5 p.m. CST Submit your presentation here The Threat Hunting & Incident Response Summit will focus on specific hunting and incident response technique and capabilities that can be used to identify, contain, and eliminate adversaries targeting your … Continue reading SANS Threat Hunting and Incident Response Summit 2019 Call for Speakers - Deadline 5/6


Investigate and fight cyberattacks with SIFT Workstation

Digital forensics and incident response (DFIR) has hit a tipping point. No longer just for law enforcement solving cybercrimes, DFIR tools and practices are a necessary component of any organization's cybersecurity. After all, attacks are increasing daily and getting more sophisticated - exposing millions of people's personal data, hijacking systems around the world and … Continue reading Investigate and fight cyberattacks with SIFT Workstation


Gamble? Not with your future

By Lee Whitfield Honestly, I've never been big into gambling. The closest I've come is buying a lottery ticket when I was 18. While I understand the excitement, the science, and compulsion, it has just never been a huge draw for me personally. There are many things that fall into the category of gambling. … Continue reading Gamble? Not with your future


Go Big with Bootcamp for Advanced Memory Forensics and Threat Detection

Many experienced security analysts end up repeating the same investigative playbook for similar types of cases day after day. They become technical experts but siloed into a single lane of investigative scenario, whether it be intellectual property theft, malware or intrusion investigations. With the rapid evolution of fileless malware and sophisticated anti-forensics mechanisms, security … Continue reading Go Big with Bootcamp for Advanced Memory Forensics and Threat Detection


The new version of SOF-ELK is here. Download, turn on, and get going on forensics analysis.

We are excited to announce the release of an all-new version of the free SOF-ELKŪ, or Security Operation and Forensics ELK virtual machine. Now based on the new version of the Elastic Stack, SOF-ELK is a complete rebuild that is faster and more effortless than its predecessors, making forensic and security data analysis easier … Continue reading The new version of SOF-ELK is here. Download, turn on, and get going on forensics analysis.