FOR572: Advanced Network Forensics Analysis course author and instructor Phil Hagen introduces the SANS DFIR Network Forensics Analysis Poster, which was released late May 2017. Phil browses the poster contents and highlights use cases that can help improve your network forensic capabilities. He also discusses the latest release of the free SOF-ELK analytics VM appliance and shows some examples of how it can help make quick work of even massive volumes of forensic data – whether for Network Forensics, Disk-based Forensics, or Security Operations.
-
Threat Hunting: What it Is, and What it Is Not
Nowadays everybody is talking about threat hunting. Everyone wants to be a threat hunter. … -
Looking at Microsoft Teams from a DFIR Perspective
David Cowen’s Sunday Funday is back, so why not to take part in this fun? Last Sunda… -
SQM: New Evidence of Execution Source?
Forensicating one of compromised hosts during our recent incident response activities we h…
Load More Related Articles
-
Smartphone Forensics Investigations: An Overview of Third Party App Examination
There are millions of applications that can be used on a smartphone. This mini webcast wit… -
Forensics and Incident Response In The Cloud
The purpose of this webinar is to delve into one of the most challenging aspects of workin… -
Building your Android Application Testing Toolbox
This webcast explores the following topics: 1) Choosing the best test device 2) Rooting yo…
Load More In Webinars
Comments are closed.
