SANS Digital Forensics and Incident Response Blog: Category - Computer Forensics

SANS #DFIRSummit Call For Papers (Austin - Jun 2014)

Summit Dates: June 9-10, 2014. Pre-Summit Course Dates: June 3-8, 2014. The 7th annual Digital Forensics and Incident Response Summit will once again be held in the live musical capital of the world, Austin, Texas. The Summit brings together DFIR practitioners who share their experiences, case studies and stories from the field. Summit …


Get a MacBook Air, Toshiba Satellite Ultrabook, or an $850 discount with most #DFIR Online courses

Through Jan 23, 2014, you can receive an 11" 128GB MacBook Air (just-announced newest model), Toshiba Satellite E45T-AST2N01 Ultrabook Convertible, or an $850 discount when you register and pay for a qualifying* vLive or OnDemand course! To take advantage of this offer, enter one of the following discount codes at checkout: MacBook Air: MACB13; $850 Discount: 850B13; Toshiba Ultrabook: PCB13. Qualifying OnDemand courses include: FOR408: …


The Power of PowerShell Remoting

PowerShell "Remoting" is a feature that holds a lot of promise for incident response. "Remoting" is the ability to run PowerShell commands directly on remote systems and have just the results sent back to the querying machine. From an IR standpoint, this is like a built-in agent ready and waiting to answer your investigative questions-at …


Case Leads: A Forensicator's take on BlackHat/DefCon/BSides

It's been a busy time in digital forensics and incident response (DFIR). Every summer, for over 20 years, infosec and forensicators and old school hackers have gathered in Las Vegas. A mixture of very deep tech talks, trainings, and technology-oriented distractions "flood the zone" in Las Vegas. Close to 15-20,000 people were in Las …


Reverse-Engineering Malware Course Expanded to Include Capture-the-Flag Challenges

SANS expanded the Reverse-Engineering Malware course (FOR610) to include a day's worth of capture-the-flag malware analysis challenges. The challenges are built upon the NetWars tournament platform and are designed to reinforce the skills learned earlier in the course by experimenting with real-world malware. You can get a sneak peek at the new experience.