SANS Digital Forensics and Incident Response Blog: Category - Computer Forensics

SANS #ThreatHuntingSummit Valentine Twitter Contest

Love is in the air and we at SANS DFIR want to celebrate February, the month of love and friendship. To show how much we care about our follower friends, we have created the #ThreatHuntingSummit Twitter contest. This contest comes with a fantastic prize, check it out! On April 12th through 19th, SANS along with … Continue reading SANS #ThreatHuntingSummit Valentine Twitter Contest


Threat Hunting & Incident Response Summit Social Media Ambassadors

The SANS Summit team is looking for #ThreatHuntingSummit social media ambassadors! What is a social media ambassador? Someone who is a social media influencer in the DFIR and Threat Hunting space. We are looking for those rock stars who take this upcoming training very seriously but at the same time we want to show why … Continue reading Threat Hunting & Incident Response Summit Social Media Ambassadors


SANS CTI Summit & Training Twitter Contest

We're delighted to announce a Twitter-based contest here with a fantastic prize. And, participating in this one is really easy. Check it out. On February 3rd through 10th, SANS will be running our fourth annual Cyber Threat Intelligence Summit & Training (https://www.sans.org/event/cyber-threat-intelligence-summit-2016) in Alexandria, VA. This event will focus on enabling organizations to build effective … Continue reading SANS CTI Summit & Training Twitter Contest


DFIR Summit 2016 - Call for Papers Now Open

The 9th annual Digital Forensics and Incident Response Summit will once again be held in the live musical capital of the world, Austin, Texas. The Summit brings together DFIR practitioners who share their experiences, case studies and stories from the field. Summit attendees will explore real-world applications of technologies and solutions from all aspects of … Continue reading DFIR Summit 2016 - Call for Papers Now Open


Using ProcDOT Plugins to Examine PCAP Files When Analyzing Malware

ProcDOT is a free tool for analyzing the actions taken by malware when infecting a laboratory system. ProcDOT supports plugins, which could extend the tool's built-in capabilities. This article looks at two plugins that help examine contents of the network capture file loaded into ProcDOT. Continue reading Using ProcDOT Plugins to Examine PCAP Files When Analyzing Malware