X

Enroll your team

I agree to provide AO Kaspersky Lab, 39A/3 Leningradskoe Shosse Moscow, 125212 Russian Federation (“AO Kaspersky Lab”) with the following information about me (First Name, Last Name, email) order to allow AO Kaspersky Lab to contact me to participate in surveys and to send me information via email about Kaspersky Lab's products and services including personalized promotional offers and premium assets like white papers, webcasts, videos, events and other marketing materials. I confirm that I have been provided with this Privacy Policy for Web Sites. I understand that my consent is optional and I can withdraw this consent at any time via e-mail by clicking the “unsubscribe” link that I find at the bottom of any e-mail sent to me for the purposes mentioned above”. Web privacy policy https://www.kaspersky.com/web-privacy-policy

X

Register

I agree to provide AO Kaspersky Lab, 39A/3 Leningradskoe Shosse Moscow, 125212 Russian Federation (“AO Kaspersky Lab”) with the following information about me (First Name, Last Name, email) order to allow AO Kaspersky Lab to contact me to participate in surveys and to send me information via email about Kaspersky Lab's products and services including personalized promotional offers and premium assets like white papers, webcasts, videos, events and other marketing materials. I confirm that I have been provided with this Privacy Policy for Web Sites. I understand that my consent is optional and I can withdraw this consent at any time via e-mail by clicking the “unsubscribe” link that I find at the bottom of any e-mail sent to me for the purposes mentioned above”. Web privacy policy https://www.kaspersky.com/web-privacy-policy

X

Request Access

I agree to provide AO Kaspersky Lab, 39A/3 Leningradskoe Shosse Moscow, 125212 Russian Federation (“AO Kaspersky Lab”) with the following information about me (First Name, Last Name, email) order to allow AO Kaspersky Lab to contact me to participate in surveys and to send me information via email about Kaspersky Lab's products and services including personalized promotional offers and premium assets like white papers, webcasts, videos, events and other marketing materials. I confirm that I have been provided with this Privacy Policy for Web Sites. I understand that my consent is optional and I can withdraw this consent at any time via e-mail by clicking the “unsubscribe” link that I find at the bottom of any e-mail sent to me for the purposes mentioned above”. Web privacy policy https://www.kaspersky.com/web-privacy-policy

X

Pre-register

I agree to provide AO Kaspersky Lab, 39A/3 Leningradskoe Shosse Moscow, 125212 Russian Federation (“AO Kaspersky Lab”) with the following information about me (First Name, Last Name, email) order to allow AO Kaspersky Lab to contact me to participate in surveys and to send me information via email about Kaspersky Lab's products and services including personalized promotional offers and premium assets like white papers, webcasts, videos, events and other marketing materials. I confirm that I have been provided with this Privacy Policy for Web Sites. I understand that my consent is optional and I can withdraw this consent at any time via e-mail by clicking the “unsubscribe” link that I find at the bottom of any e-mail sent to me for the purposes mentioned above”. Web privacy policy https://www.kaspersky.com/web-privacy-policy

Windows incident response

Built for Tier 2 Analysts

Intermediate

$1170 inc. tax per learner

Intermediate

$1170 inc. tax per learner

“You will master incident detection, evidence acquisition, log file analysis, network analysis and creation of IoCs, and also get introduced to memory forensics.”

Enroll my team
Request demo access

Background

Are you looking to improve the expertise of your in-house digital forensics and incident response team? Or do you want to train yourself in the area of incident response to identify the complex attacks? This Kaspersky Windows Incident Response course brings you concentrated knowledge from the company’s Global Emergency Response Team (GERT) experts.

The course’s curriculum is heavily focused on practicing. Our experts will take you through all the stages of responding to an incident based on a real-life ransomware case.

You will master incident detection, evidence acquisition, log file analysis, network analysis and creation of IoCs, and also get introduced to memory forensics. You will be working in a simulated virtual environment with all the necessary tools to practice IR. Your coaches Ayman Shaaban and Kai Schuricht have handled security incidents for Kaspersky incident response customers around the globe. You will get not only super-clear theoretical knowledge but also tap into their up-to-date experience, skills and tips.

Kaspersky report shows malware can survive in a company’s digital environment for months and even years under the radar. After completing the course you will be able to verify and handle threats quicker in order to minimize the impact and contain the damage.

Course leaders

Ayman Shaaban (@AymanShaaban)

Digital Forensics and Incident Response Group Manager

Ayman joined Kaspersky in 2014 as a security researcher and member of GERT. Currently, Ayman works as DFIR manager in GERT. He started his cyber security career in 2009. During his career, he has participated in building digital forensics labs and providing response and analysis for cyber incidents in different industries. He developed training courses on DFIR and delivered these courses to different entities around the globe. Ayman has a BSc in communication engineering and an MSc in cyber security. Ayman obtained different DFIR certificates and in 2016 he published his book “Practical Windows Forensics”.

Kai Schuricht (@kai_schuricht)

Cybersecurity expert

Kai started his career in the information security domain in 2010 as a security consultant and joined GERT in 2016 as an incident response specialist. Throughout his career, he has been involved in building digital forensic labs and providing responses to different variants of cyber incidents around the world. Beside the development and delivering of DFIR training globally, he also designs, conducts and evaluates tabletop exercises. Kai holds several international certifications like GCFA, GCFE, ECIR, ECTHP, CCSK, CISM and ISO/IEC 27035) and also a Diploma in Business Informatics (FH) and a M.Sc. in Digital Forensics.

Overview & objectives

  • Identify a cyber incident and how to respond to it
  • Understand various attack techniques
  • Differentiate between APTs and other threats
  • Apply live analysis on victim machines
  • Acquire evidence in a forensically sound environment
  • Upgrade your memory forensics skills
  • Apply log file analysis with regular expressions and ELK
  • Create better network and host-based IoCs
  • Test your network traffic forensics skills

Syllabus

Who it's for

InfoSec professionals

For cybersecurity professionals who would like to upgrade technical analysis skills in the incident response domain.

Enterprises

For incident response and digital forensics teams, who are continuously enhancing their practical skills in incident remediation.

How you'll learn

Guided video lectures

Learn from Incident Response experts Ayman and Kai from the Global Emergency Response Team, GERT, who have years of experience working on real-live investigations.

Hands-on virtual lab

Practice in our fully configured virtual lab on real-life incident case.

Iterative learning

The course is structured around progressive learning with a consistent module framework based on specialist overviews of each task, practical work in the virtual lab and detailed solution walk-throughs.

Benefits

Access

6 months to complete your course from activation of your access code

Language

Courses delivered in English with subtitles

Pace

Self-guided learning that fits around your life

Browser-based access to virtual lab

It will take you approximately 15 hours to finish the course

Downloads

PDF downloads of training materials & tips

Learning environment

Browser-based via desktop, mobile & tablet (excludes virtual lab which requires an RDP client)

Course author

Members of Kaspersky Global Emergency Response Team

Guided videos

Over 40 videos to guide you through the course

Access to virtual lab

100 hours of virtual lab time for hands-on learning

Certificate of completion

PDF document on a Kaspersky letterhead certifying the completion of the course, signed by the course leader(s)

Be the first to find out...

Each and every month we share our latest news, tips, tricks and advice on all things cybersecurity related.
Be the first to find out when we run competitions, promotions, launch new courses, release free webinars and much more!

Sign up