Get the foundation you need to continue pursuing incident response. Explore what digital forensics means, what digital evidence is, where to find it, how digital forensics can help your organization, and what’s next on your journey to becoming a DFIR professional.

Created for learners to analyze and triage Windows systems (including artifacts and indicators of compromise) and review Operating Systems at a detailed level. Allows learners to apply critical thinking to various steps of forensics investigations (of Windows based systems) and communicate those findings to stakeholders and executive leadership.

As a cybersecurity professional, Linux is everywhere and part of our daily lives. Being prepared to respond to incidents impacting the operating system is critical. Be sure you understand the impacts on DFIR of the Linux file system, data acquisition and analysis, memory forensics, and network forensics.

This course is a deep dive into memory forensics. We cover the acquisition and preservation of memory images, analysis of system artifacts and structures, identification of malicious code and suspicious behavior, and advanced techniques such as timeline analysis and memory carving.

It seemed that MacOS was unhackable for a time… Until it wasn’t. Be sure you have the skills to acquire and analyze forensic data from these systems. This course will give you a fundamental understanding of MacOS-based systems to effectively acquire and analyze data, interpret results, and present them as evidence in a legal setting.

One course simply isn’t enough to cover Windows Forensics. Supercharge your Windows Forensics skills further by digging into DFIR on an enterprise scale with hundreds or thousands of endpoints, proactive threat hunting to root out adversaries, memory forensics, and more.

Now that you have a broad understanding of Digital Forensics and Incident Response, let’s touch base on the theory and thought processes behind effectively gathering evidence under pressure. Join SME Marc Balingit as he discusses how he handles the stress while gathering the evidence he needs thoughtfully and thoroughly.

Mobile devices are everywhere. Effectively every human is carrying a network-attached computer in their pocket. These devices present a number of difficulties for DFIR professionals. In this course series we will explore these struggles and some of their solutions to make sure we’re ready to respond effectively when incidents involve them.

The cloud is someone else’s computer. Not only that, there are so many platforms to choose. Each of these platforms can complicate the consistency and integrity of the forensic investigation. Come alongside SME Marc Balingit as he provides real-world, hands-on examples of data acquisition, analysis, and interpretation from various cloud providers.

As if that weren’t enough to gather evidence and respond during an active security incident, there are times when the integrity of the artifacts you collect is key to their admissibility in a court of law. No pressure! Relax, SME Marc Balnigit has your back in this course series where he gives you all the tools you need to be calm under pressure.