SANS Digital Forensics and Incident Response Blog: Category - Computer Forensics

BRAND NEW #DFIR COURSE - Windows Memory Forensics In-Depth

Memory analysis skills are among the most in-demand skills for digital forensics, incident response, and malware analysts today. This August, SANS is introducing a brand new 5-day class dedicated to Windows Memory Forensics. The hands-on course, written by memory forensics pioneer Jesse Kornblum, is incredibly comprehensive and SANS is proud to offer it in …


An Overview Of Protocol Reverse-Engineering

JOIN SANS FOR A 1-DAY CYBER THREAT INTELLIGENCE SUMMIT headed by Mike Cloppert - 22 Mar 2013 - http://www.sans.org/event/what-works-cyber-threat-2013

With this post I'm kicking off a series designed to help analysts reverse engineer undocumented - or poorly documented - network protocols. It is fairly common for incident responders to be presented with a network packet capture (PCAP) …


Digital Forensic Case Leads: New and Updated Tools, A Few Awards, A Little News and a Couple of Videos.

This week in Case Leads we have many new tools and updates to tools, so don't forget to test, test, test. Lance Mueller is back blogging, and we also have the Forensic 4Cast awards and some video talks from the SANS DFIR Summit. In the news, a grad student uncovers a privacy scandal, a lawsuit is …


SANS Digital Forensics and Incident Response Poster Released

The SANS Digital Forensics and Incident Response faculty and community members created the 2012 poster. "Evidence of..." categories to map a specific artifact to the analysis question that it will help to answer. Finding unknown malware is an intimidating process to many, but can be simplified by following some …


Digital Forensics Case Leads: Shmorgishborg of #DFIR

This week's edition of SANS Case Leads features a shmorgishborg of #DFIR tool updates, good reads, and some follow-up information to recent data breaches. Don't forget to vote for the Forensic4cast awards; voting closes at the end of the day June 17, 2012, and winners will be announced at the SANS DFIR Summit June …