Digital Forensics and Incident Response

Latest News & Updates

FOR589: Cybercrime Intelligence
The cybercrime landscape is perpetually evolving, driven by technological advancements, increased investments by nation-states in offensive cyber operations, and a dynamic cybercrime ecosystem that continuously lowers the barriers for novice criminals to collaborate with more sophisticated actors. FOR589 offers a comprehensive exploration of the cybercrime underground, detailing a broad spectrum of tactics and techniques used by cybercriminals to target organizations. This course includes over twenty hands-on labs and a final capstone exercise, equipping analysts with the skills necessary to enhance their organization's defenses, proactively gather critical intelligence, trace cryptocurrency proceeds of crime, and generate actionable insights to protect their organization preemptively.

Digital Forensics and Incident Response Courses by Job Role

DFIR Tools

SOF-ELK
SOF-ELK® is a "big data analytics" platform focused on the typical needs of computer forensic investigators/analysts and information security operations personnel. The platform is a customized build of the open source Elastic stack, consisting of the Elasticsearch storage and search engine, Logstash ingest and enrichment system, Kibana dashboard frontend, and Elastic Beats log shipper (specifically filebeat). With a significant amount of customization and ongoing development, SOF-ELK® users can avoid the typically long and involved setup process the Elastic stack requires. Instead, they can simply download the pre-built and ready-to-use SOF-ELK® virtual appliance that consumes various source data types (numerous log types as well as NetFlow), parsing out the most critical data and visualizing it on several stock dashboards.

Digital Forensics and Incident Response Certifications

It takes intuition and specialized skills to find hidden evidence and hunt for elusive threats. GIAC's Digital Forensics and Incident Response certifications encompass abilities that DFIR professionals need to succeed at their craft, confirming that professionals can detect compromised systems, identify how and when a breach occurred, understand what attackers took or changed, and successfully contain and remediate incidents. Keep your knowledge of detecting and fighting threats up to date - and your work role secure - with DFIR certifications.

Lethal Forensicator Coins

Hundreds of SANS Institute digital forensics students have stepped up to the challenge and emerged victorious. They've mastered the concepts and skills, beat out their classmates, and proven their prowess. These are the elite, the recipients of the SANS Lethal Forensicator Coin, an award given to a select few among the thousands of students who have taken any of the SANS Institute Digital Forensics or Incident Response (DFIR) courses. Lethal Forensicator Coins are awarded to those who show exceptional talent, make outstanding contributions to the field, or demonstrate leadership in the digital forensics profession and community. The coins are a challenge to win and an honor to receive. They are also intended to be rare.

Are you a LEO affected by training cuts?

SANS is proud to support U.S. Law Enforcement professionals experiencing hardship funding their training efforts. We have created special programs that can offer significant flexibility toward SANS DFIR courses.

SANS.edu Graduate Certificate in Incident Response

  • Designed for working InfoSec and IT professionals
  • Highly technical 13-credit-hour program
  • Includes 4 industry-recognized GIAC certifications

DFIR NetWars and Continuous

An incident simulator with forensic, malware analysis, threat hunting, and incident response case scenarios to help you expand your DFIR capabilities.
DFIR Netwars – The Coin Slayer!
Created by popular demand, this tournament will give you the chance to win a fortune of DFIR coinage! To win the new course coins, you must answer all questions correctly from all four levels of one or more of the eight DFIR domains: Windows Forensics, Advanced Incident Response and Threat Hunting, Smartphone Analysis, Mac Forensics, Advanced Network Forensics, Malware Analysis, and DFIR NetWars. Take your pick or win them all!

SANS DFIR Summit

Summit: July 24-25 | Training: July 26-31 | Salt Lake City, UT & Live Online

Join us for the most comprehensive DFIR event of the year! Don't miss the chance to learn from and connect with the industry's top practitioners who will share their latest digital forensics and incident response research, tools, case studies, and solutions.

Learn DFIR Skills With These Experts

Heather Barnhart

Fellow
To say that digital forensics is central to Heather Barnhart's life is quite the understatement. Heather has worked on high-stress and high-profile cases, investigating everything from child exploitation and homicides to Osama Bin Laden's media.

Reviews

The content was high quality and the exercises made it easier to fully grasp the content.
Kellon Benson
- Central WA University
The instructor and course materials are the best level, so people who have interest in Forensics should take the course and obtain a deeper knowledge.
Yusuke Takahashi
- LAC
Extremely valuable training! Trainer added value due to his course knowledge & personal experience sharing.
Verreet
- Eu Council
Very relevant to my daily IR work and highly recommend this to any DFIR or IR in general pros.
Emile Smith
- TVA
This is top quality training that will return value immediately when returning to work.
Nic Cargill
This training is great and important to me because it gives me more knowledge to assist in my investigations.
Christopher J.
- GBI Georgia Bureau of Investigation
The material is relevant, real world, and has effective hands on exercises.
Dustin B.
- SOCOM
Getting hands on experience with the labs helps to cement concepts that were taught.
Molly L.
- NCFTA
After two days, I'm excited to go back to work & use what I've learned.
TK
- GRDA
It was great having you as an instructor! Your expertise & experience in the field is such a help during class, you keep things interesting!
Brittany Pedulla
- Kroll

About Digital Forensics and Incident Response

Whether you're seeking to maintain a trail of evidence on host or network systems or hunting for threats using similar techniques, larger organizations are in need of specialized professionals who can move beyond first-response incident handling to analyze an attack and develop an appropriate remediation and recovery plan. Our DFIR Curriculum will teach you how to detect compromised systems, identify how and when a breach occurred, understand what attackers took or changed, and successfully contain and remediate incidents.

Every year the SANS Digital Forensics & Incident Response (DFIR) Faculty produces thousands of free content-rich resources for the digital forensics community. These resources aim to provide you with the latest in research and technology available to help you streamline your investigations. Our number one priority is to support the DFIR community, not only by providing content to solve even the most difficult problems investigators face daily, but also by providing an open forum for community mentoring, development and support.
