X

Enroll your team

I agree to provide AO Kaspersky Lab, 39A/3 Leningradskoe Shosse Moscow, 125212 Russian Federation (“AO Kaspersky Lab”) with the following information about me (First Name, Last Name, email) order to allow AO Kaspersky Lab to contact me to participate in surveys and to send me information via email about Kaspersky Lab's products and services including personalized promotional offers and premium assets like white papers, webcasts, videos, events and other marketing materials. I confirm that I have been provided with this Privacy Policy for Web Sites. I understand that my consent is optional and I can withdraw this consent at any time via e-mail by clicking the “unsubscribe” link that I find at the bottom of any e-mail sent to me for the purposes mentioned above”. Web privacy policy https://www.kaspersky.com/web-privacy-policy

X

Register

I agree to provide AO Kaspersky Lab, 39A/3 Leningradskoe Shosse Moscow, 125212 Russian Federation (“AO Kaspersky Lab”) with the following information about me (First Name, Last Name, email) order to allow AO Kaspersky Lab to contact me to participate in surveys and to send me information via email about Kaspersky Lab's products and services including personalized promotional offers and premium assets like white papers, webcasts, videos, events and other marketing materials. I confirm that I have been provided with this Privacy Policy for Web Sites. I understand that my consent is optional and I can withdraw this consent at any time via e-mail by clicking the “unsubscribe” link that I find at the bottom of any e-mail sent to me for the purposes mentioned above”. Web privacy policy https://www.kaspersky.com/web-privacy-policy

X

Request Access

I agree to provide AO Kaspersky Lab, 39A/3 Leningradskoe Shosse Moscow, 125212 Russian Federation (“AO Kaspersky Lab”) with the following information about me (First Name, Last Name, email) order to allow AO Kaspersky Lab to contact me to participate in surveys and to send me information via email about Kaspersky Lab's products and services including personalized promotional offers and premium assets like white papers, webcasts, videos, events and other marketing materials. I confirm that I have been provided with this Privacy Policy for Web Sites. I understand that my consent is optional and I can withdraw this consent at any time via e-mail by clicking the “unsubscribe” link that I find at the bottom of any e-mail sent to me for the purposes mentioned above”. Web privacy policy https://www.kaspersky.com/web-privacy-policy

X

Pre-register

I agree to provide AO Kaspersky Lab, 39A/3 Leningradskoe Shosse Moscow, 125212 Russian Federation (“AO Kaspersky Lab”) with the following information about me (First Name, Last Name, email) order to allow AO Kaspersky Lab to contact me to participate in surveys and to send me information via email about Kaspersky Lab's products and services including personalized promotional offers and premium assets like white papers, webcasts, videos, events and other marketing materials. I confirm that I have been provided with this Privacy Policy for Web Sites. I understand that my consent is optional and I can withdraw this consent at any time via e-mail by clicking the “unsubscribe” link that I find at the bottom of any e-mail sent to me for the purposes mentioned above”. Web privacy policy https://www.kaspersky.com/web-privacy-policy

Coming soon our new Windows Digital Forensics course, find out more here.

Windows digital forensics

Built for Tier 2 Analysts

Intermediate

$1,400 inc. tax per learner

Intermediate

$1,400 inc. tax per learner

Pre-register

Background

Incident specialists, emergency response services, and digital forensics researchers are all united by in-depth knowledge in the field of digital forensics. To become a part of this community, you can turn to our Windows Digital Forensics course, which is designed specifically to provide you with the necessary knowledge and practical experience, drawing upon the extensive experience of experts from the Kaspersky Global Emergency Response Team (GERT).

Our high-level expert in the field of digital forensics, Ayman Shaaban, will introduce you to some important areas, including basic technical concepts and definitions, and explain the incident response, and how digital forensics is part of the process.

He will also demonstrate the analysis of various Windows artefacts with all the necessary tools gathered in one place — in your virtual environment. You will also be able to apply technical analysis yourself in a simulated active compromised directory to detect malicious traces of cyber attack. 

Our course emphasizes practical application, mirroring real-world scenarios to provide participants with a comprehensive understanding of incident response, allowing participants to gain invaluable insights and hands-on experience. By the end, you’ll be proficient in incident scoping, evidence acquisition, log file analysis, network analysis, creation of Indicators of Compromise (IoCs), and memory forensics. Armed with this knowledge, you’ll be better equipped to detect and mitigate threats swiftly, minimizing their impact and containing the damage effectively.

Ayman Shaaban
(@Ayman
Shaaban)

Digital Forensics and Incident Response Group Manager

Ayman joined Kaspersky in 2014 as a security researcher and member of GERT. Currently, Ayman works as DFIR manager in GERT. He started his cyber security career in 2009, where he participated in building digital forensics labs, and provided response and analysis for cyber incidents in different industries. Additionally, he has developed training courses on DFIR and delivered these courses to different entities around the globe. Ayman has a BSc in communication engineering and an MSc in cyber security, and he obtained various DFIR certificates. In 2016 he published his book “Practical Windows Forensics”.

Overview & Objectives

  • Acquire the fundamental expertise essential for digital forensics.
  • Comprehend the methods of obtaining diverse digital evidence and managing it within a forensically sound setting.
  • Demonstrate proficiency in utilizing the tools and resources of digital forensics.
  • Be able to find traces of malicious actions related to incidents in MS Windows artefacts.
  • Learn how to use timestamps from various Windows artefacts to restore an incident scenario.
  • Analyze browser and email histories effectively.
  • Be able to find traces of malicious actions related to incidents in MS Windows artefacts.
  • Learn how to use timestamps from various Windows artefacts to restore an incident scenario.

Intended participants

InfoSec professionals

For incident response and digital forensics teams, working in a dynamic environment and willing to continuously enhance their practical skills in digital forensics.

Cybersecurity consultancies

The course is designed for specialist consultancies that aim to equip their teams with relevant practical skills, enabling them to offer forensics investigation services to their clients.

Enterprises

For cybersecurity professionals who would like to upgrade technical analysis skills in the digital forensics domain.

How you’ll learn

Guided video lectures

Learn from incident response expert Ayman the Global Emergency Response Team, GERT, who has years of experience working in real-world investigations.

Practical virtual laboratory

Practice in our fully configured virtual laboratory on real-world incidents.

Interactive learning

The course is based on progressive learning with a consistent modular structure based on expert reviews of each task, practical work in a virtual laboratory and detailed step-by-step solutions.