With this course you will master incident detection, evidence acquisition, log file analysis, network analysis and creation of IoCs and also get introduced to memory forensics.
Master different tools including: ELK stack, PowerShell, Suricata, YARA and more in the fully configured virtual lab environment.
Learn from Kaspersky incident responders with more than 10 years of experience in the field.
Intermediate
$1170 inc. tax per learner
Prerequisites
Are you looking to improve the expertise of your in-house digital forensics and incident response team? Or do you want to train yourself in incident response so you can identify complex attacks? This Kaspersky Windows Incident Response course brings you concentrated knowledge from the company’s Global Emergency Response Team (GERT) experts.
The course’s curriculum is heavily focused on practice. Our experts will take you through all the stages of responding to an incident based on a real-life ransomware case.
You will master incident detection, evidence acquisition, log file analysis, network analysis and creation of IoCs, and also get introduced to memory forensics. You will be working in a simulated virtual environment with all the necessary tools to practice IR. Your coaches, Ayman Shaaban and Kai Schuricht, have handled security incidents for Kaspersky incident response customers around the globe. You will get not only super-clear theoretical knowledge but also tap into their up-to-date experience, skills and tips.
A Kaspersky report shows malware can survive in a company’s digital environment for months and even years under the radar. After completing the course you will be able to verify and handle threats quicker in order to minimize the impact and contain the damage.
Digital Forensics and Incident Response Group Manager
Ayman joined Kaspersky in 2014 as a security researcher and member of GERT. Currently, Ayman works as DFIR manager in GERT. He started his cyber security career in 2009. During his career, he has participated in building digital forensics labs and providing response and analysis for cyber incidents in different industries. He developed training courses on DFIR and delivered these courses to different entities around the globe. Ayman has a BSc in communication engineering and an MSc in cyber security. Ayman obtained different DFIR certificates and in 2016 he published his book “Practical Windows Forensics”.
Cybersecurity expert
Kai started his career in the information security domain in 2010 as a security consultant and joined GERT in 2016 as an incident response specialist. Throughout his career, he has been involved in building digital forensic labs and providing responses to different variants of cyber incidents around the world. Besides developing and delivering DFIR training globally, he also designs, conducts and evaluates tabletop exercises. Kai holds several international certifications like GCFA, GCFE, ECIR, ECTHP, CCSK, CISM and ISO/IEC 27035, and also a Diploma in Business Informatics (FH) and an M.Sc. in Digital Forensics.
Foundation of information security. Cyber kill chain. Open-source intelligence.
Incident response process: from preparation to post-incident.
Live analysis on the victim machines with IRCD and PowerShell.
Triage approach. Triage acquisition with KAPE, Paladin, FTK Imager and Velociraptor. Applied sessions with FTK Imager and Velociraptor.
Memory forensics with the Volatility framework.
Log file analysis using command line tools up to ELK.
Network IOCs: Dumping network traffic. Network intrusion detection with Suricata. Network analysis tools.
Scanning for Indicators of Compromise (IOC). Host-based IOC scanning with YARA.
InfoSec professionals
For cybersecurity professionals who would like to upgrade technical analysis skills in the incident response domain.
Enterprises
For incident response and digital forensics teams, who are continuously enhancing their practical skills in incident remediation.
Guided video lectures
Learn from incident response experts Ayman and Kai from the Global Emergency Response Team (GERT), who have years of experience working on real-life investigations.
Hands-on virtual lab
Practice in our fully configured virtual lab on a real-life incident case.
Iterative learning
The course is structured around progressive learning with a consistent module framework based on specialist overviews of each task, practical work in the virtual lab and detailed solution walk-throughs.
6 months to complete your course from activation of your access code
Courses delivered in English with subtitles
Self-guided learning that fits around your life
It will take you approximately 15 hours to finish the course
PDF downloads of training materials & tips
Browser-based via desktop, mobile & tablet (excludes virtual lab which requires an RDP client)
Members of Kaspersky Global Emergency Response Team
Over 40 videos to guide you through the course
100 hours of virtual lab time for hands-on learning
PDF document on a Kaspersky letterhead certifying the completion of the course, signed by the course leader(s)
Incident response
Master the skills of incident analysis, evidence collection, log file analysis, network analysis, creating indicators of compromise (IoC) and memory forensics.