Category: Continuing Education

Is it time for you to testify? This course is for digital forensics and incident response professionals who are preparing to testify. Learn more about what makes an expert witness, as well as what is involved in the process from collection and analysis to testimony. Gain confidence with defending your work before you take the […]

An important but often overlooked process in incident handling is memory analysis. In this installment of David Biser’s series on incident response, he explains and demonstrates how to use memory analysis to investigate an attack and gain useful evidence from memory that may not otherwise be available.

Hone your incident handling skills by joining Ken Underhill in this Attacks and Persistence for Incident Handlers course. Identify DNS and USB attacks and walk through a session hijacking lab to understand how an attacker can exploit a session to harvest user credentials.

NMAP is a powerful tool used by both attackers and defenders to scan networks. In this Scanning and Enumeration with NMAP course, Ken Underhill uses an NMAP lab to demonstrate the process for collecting information on a network using technical tools. Become a more advanced incident handler with this course.

If you’re on the path to becoming an incident handler, you’ll need reconnaissance skills. In this Online Reconnaissance course, Ken Underhill covers the gathering of data through reconnaissance-related labs, with a primary focus on open-source intelligence (OSINT). Examine analysis labs to give you a hands-on overview of information gathering.