SANS Digital Forensics and Incident Response
United States
Joined 7 Dec 2011
Over 80% of all breach victims learn of a compromise from third-party notifications, not from internal security teams. In most cases, adversaries have been rummaging through your network undetected for months or even years.
Incident response tactics and procedures have evolved rapidly over the past several years. Data breaches and intrusions are growing more complex. Adversaries are no longer compromising one or two systems in your enterprise; they are compromising hundreds. Your team can no longer afford antiquated incident response techniques that fail to properly identify compromised systems, provide ineffective containment of the breach, and ultimately fail to rapidly remediate the incident.
A thorough understanding of many detailed areas is required for success, including a mastery of the following fundamental skills covered by the SANS Digital Forensics and Incident Response (DFIR) UA-cam Channel.
Rob T. Lee - Federal officials warn of attacks on water utilities
Hacker groups from Russia, China, and Iran have taken credit for recent water utility hacks, and the federal government has urged even smaller communities to take action. CBS 2's Charlie De Mar reports.
Views: 672
Videos
FOR585: Smartphone Forensic Analysis In-Depth course overview
1K views, 2 months ago
To learn more visit www.sans.org/FOR585 FOR585: Smartphone Forensic Analysis In-Depth course provides examiners and investigators with advanced skills to detect, decode, decrypt, and correctly interpret evidence recovered from mobile devices. The course is continuously updated to keep up with the latest file formats, malware, smartphone operating systems, third-party applications, acquisition s...
FOR578: Cyber Threat Intelligence Course Overview
1.6K views, 2 months ago
Learn more about the course at: sans.org/FOR578 Cyber threat intelligence represents a force multiplier for organizations looking to update their response and detection programs to deal with increasingly sophisticated advanced persistent threats. Malware is an adversary's tool but the real threat is the human one, and cyber threat intelligence focuses on countering those flexible and persistent...
Why take FOR578 OnDemand? with Robert M. Lee
544 views, 3 months ago
- OnDemand cyber security courses from SANS Institute give you anytime, anywhere access to world leading cybersecurity training.
- More than 60 of SANS most popular courses are available via OnDemand, and all are taught by SANS top instructors.
- OnDemand courses include the same hands-on labs and exercises used in our instructor led classes while also offering SME support to answer your specific...
Rob T. Lee - Could LockBit, ransomware provider have been behind Lurie hack?
839 views, 3 months ago
In what could be a major development in the cyberattack against Lurie Children's Hospital, the FBI and British authorities have taken down what they call the world's most prolific ransomware group. There is speculation that the group, LockBit, could also be behind the attack and serious outage at the hospital that began back on Jan. 31. The group's involvement has not been confirmed, but LockBi...
Rob T. Lee Chicago's Lurie Children's Hospital RANSOMWARE ATTACK
285 views, 3 months ago
CHICAGO (CBS) - Chicago's Lurie Children's Hospital confirmed for the first time on Thursday it experienced a cyberattack from an outside threat, which led the hospital to take its phone, email, and other systems offline on Jan. 31 and caused disruptions to its regular operations since then. In a statement, hospital officials said their network was accessed by a "known criminal threat actor," a...
FOR589: Cybercrime Intelligence Overview
1.5K views, 3 months ago
Cybercrime intelligence can help organizations effectively anticipate, prevent, and mitigate potential cybercrime threats, while also helping law enforcement agencies and governments combat cybercrime and prosecute criminals. FOR589: Cybercrime Intelligence (sans.org/FOR589) provides an in-depth understanding of the cybercrime underground and covers the wide variety of tactics and techniques us...
FOR528: Ransomware & Cyber Extortion Course Overview
779 views, 3 months ago
In this video FOR528: Ransomware & Cyber Extortion course (sans.org/FOR528) author Ryan Chapman provides an overview of the hands-on learning included in the course. The term "Ransomware" no longer refers to a simple encryptor that locks down resources. The advent of Human-Operated Ransomware (HumOR) along with the evolution of Ransomware-as-a-Service (RaaS) have created an entire ecosystem tha...
Thinking DFIRently From Entry to Specialty
2.4K views, 3 months ago
For more resources on how to start in DFIR check out "The Ultimate Guide to Getting Started in Digital Forensics & Incident Response" here: www.sans.org/white-papers/ultimate-guide-getting-started-digital-forensics-incident-response/ The Digital Forensics and Incident Response world. An incredibly broad sphere. We have people trying to get into this world. We have people that have just entered ...
How to Leverage Cloud Threat Intelligence Without Drowning: The Zero-Noise Approach
690 views, 4 months ago
Why is Threat intelligence so difficult to effectively utilize in the Cloud? Different Cloud environments share many characteristics, leading attackers to often use the same TTPs in a multitude of attacks. Sounds like an easy case of using TI to detect and investigate malicious activity, until we encounter one problem: noise. The vast amounts of Cloud TI data combined with increasingly high vo...
Beyond the Basics: The Role of LLM in Modern Threat Intelligence
2.2K views, 4 months ago
Threat intelligence is replete with challenges, necessitating a large experience, knowledge, and techniques to really understand the threat landscape, the TTPs, and to accurately track threat actors. Given this context, it is crucial to innovate and introduce the tools and techniques to both the current and next generation of analysts who stand to benefit from shared experience. A promising ave...
Applying Threat Intelligence Practically to Meet the Needs of an Evolving Regulatory Environment
418 views, 4 months ago
Effective and operationalized threat intelligence is required now more than ever. Even as organizations around the world grapple with shifting market conditions, an increasingly complex regulatory environment is also emerging that will impact cybersecurity programs and processes across many sectors. More recent examples such as DORA and the September 2023 SEC ruling concerning material cyber in...
How an Info Sharing Analysis Center Works w/ its Members to Improve Cyber Defenses for Their Sector
304 views, 4 months ago
Bridging the Intelligence Divide: Building CTI Blueprints for Value-Based Production
333 views, 4 months ago
How Threat Intelligence Helped Us Defend and Respond to a Nation-State-Sponsored Threat Actor
503 views, 4 months ago
Clustering Attacker Behavior: Connecting the Dots in the RaaS Ecosystem
1.3K views, 4 months ago
Threat Intelligence is a Fallacy, but I May be Biased
798 views, 4 months ago
Deep Dive into Supply Chain Compromise: Hospitality’s Hidden Risks
192 views, 4 months ago
Beyond Cryptojacking: Studying Contemporary Malware in the Cloud
193 views, 4 months ago
Why Won’t They Listen? - Connecting Your CTI to Decision Makers
244 views, 4 months ago
Cybersecurity is GeoPolitical: Lessons From the Fight Against Mercenary Spyware Proliferation
806 views, 4 months ago
Intellimation: Guidance for Integrating Automation in Your Cyber Threat Intelligence Program
328 views, 4 months ago
The Cyber-Hobbit: There and Back Again in CTI
157 views, 4 months ago
Navigating the Digital Battlefield: A Framework for Geopolitical Cyber Risk Assessment
337 views, 4 months ago
Sharing Compared: A Study on the Changing Landscape of CTI Networking
219 views, 4 months ago
Let’s Be Honest About MITRE ATT&CK® Mappings and the “So What”
957 views, 4 months ago
Zero to CTI: A Novice’s Journey into Threat Intelligence
997 views, 4 months ago
Revisiting the Indicator: Towards a Threat Intelligence Ontology
751 views, 4 months ago
OSINTer: Automating the CTI Heavy Lifting the Open Source Way!
1.7K views, 4 months ago
Slow Cooking and Cyber Threat Intelligence: Cooking a High-Performing Team
564 views, 4 months ago
Ian sold himself out to law enforcement, people know you write 2 versions of your software Ian
Thank you for taking the time to do this! Super helpful
Super 🎉🎉🎉
❤🎉
Sounds like an interesting course for the future. Something to aim for in due course.
Great video, I watched prolly about 30-40 lectures from you guys at SANS
Lame unprofessional you're not intellect enough to attach ppt... please do
nice
watch out for shim and wal files is all I will say 🤓😎
wonderful course my fav part is anti forensics
course has stuff a lot of others don't talk about, or if I am not wrong don't even know about!!
great course pal
Why would they not hit the critical infrastructure with a cyberattack if we do nothing about it, I'll never understand that logic.
That’s fucking interesting, man
This is nothing new
Very true, it's good that it's turning up on the news again but at the same time, things like this just shouldn't be occurring with the coverage they have had in the past, or at least should be minimal. It is difficult to see that seemingly issues just aren't being sorted as priority for CNI.
great course
Awesome speaker, learned a lot and laughed my butt off quite a few times 😂😂
Very neat explanation
Tremendous work... great info and entertaining! Thanks!
I lol'd a bit too much at Friday night's w/ Windows registry
Where can we download the PPT?
Hi, I believe that I am a victim of a crypto scam and I am not to withdraw my funds unless I pay a large tax first. Is it possible to unlock the account and withdraw the money ?
Hello don't send them any other money they are scammers I was a victim too so I know how they keep asking for more money
Thanks for the sharing!
Always enjoy Ryan's talks. Full of knowledge.
You gave me hope. Thank you! Also, you are one of the best presenters I’ve ever seen in this field. Clear, upbeat and interesting.
Kevin is wonderful. I could listen to him lecture all day.
Question: after you create the symbolic link, the contents of the user directory for the user "Donald" is still not browsable in Windows Explorer due to Windows detecting the existing user rights, correct? (age-old problem where you do not have permission to the c:\users\donald directory)
Great talk!
@SANS will there be a kinda SEC6XX or SEC7XX focussed on Smartphone pentesting. Potentially in a similar fashion as OffSec has for OSCE³ but on Mobile Devices ? Digging deeper into zero click exploits
Keeps stretching and stretching takes forever to get to any meat.
Sounds like the speaker is dialed in on a cell phone. Use VOIP next time so you're clear and easy to understand please.
great stuff
Absolutely Fantastic !! Learnt a lot.