SANS FOR508 Advanced Incident Response, Threat Hunting, and Digital Forensics


1. Advanced Digital Forensics, Incident Response, & Threat Hunting:
1. Introduction to Advanced Incident Response & Threat Hunting
2. Malware-ology
3. ATT&CK and Cyber Kill Chain
4. Malware Persistence
5. Incident Response & Hunting Across the Enterprise
6. Investigating WMI Attacks

2. Intrusion Analysis:
1. Credential Theft
2. Advanced Evidence of Execution
3. Event Log Analysis for Responders and Hunters
4. Lateral Movement Adversary Tactics
5. Command Line, PowerShell, and WMI Analysis

3. Memory Forensics in Incident Response & Threat Hunting:
1. Introduction to Memory Forensics in Incident Response and Threat Hunting
2. Triage and EDR
3. Memory Forensics
4. Acquiring Memory
5. Introduction to Memory Analysis
6. Code Injection Rootkits and Extraction

4. Timeline Analysis:
1. Timeline Analysis Overview
2. Filesystem and Memory Timeline Creation and Analysis
3. Introducing the Super Timeline
4. Targeted Super Timeline Creation
5. Filtering the Super Timeline
6. Super Timeline Analysis

5. Incident Response & Hunting Across the Enterprise:
2. Cyber Threat Intelligence and Indicators
3. Evidence of Historical Data
4. Advanced Execution Recovery

6. Intrusion Forensic Challenge