Category: Portfolio

An important but often overlooked process in incident handling is memory analysis. In this installment of David Biser’s series on incident response, he explains and demonstrates how to use memory analysis to investigate an attack and gain useful evidence from memory that may not otherwise be available.

Hone your incident handling skills by joining Ken Underhill in this Attacks and Persistence for Incident Handlers course. Identify DNS and USB attacks and walk through a session hijacking lab to understand how an attacker can exploit a session to harvest user credentials.

NMAP is a powerful tool used by both attackers and defenders to scan networks. In this Scanning and Enumeration with NMAP course, Ken Underhill uses an NMAP lab to demonstrate the process for collecting information on a network using technical tools. Become a more advanced incident handler with this course.

If you’re on the path to becoming an incident handler, you’ll need reconnaissance skills. In this Online Reconnaissance course, Ken Underhill covers the gathering of data through reconnaissance-related labs, with a primary focus on open-source intelligence (OSINT). Examine analysis labs to give you a hands-on overview of information gathering.

Take your incident response plans to the next level by exploring this “Implementing an Incident Response Plan” course with David Biser. He walks you through incident identification, the incident management process, and how to recover from an incident.