DIGITAL FORENSICS & INCIDENT RESPONSE
Technically skilled SOC analysts who wish to be part of an incident response team
Candidates with experience in the cyber security field and a technical background in security systems, Windows, Linux and networking.
Face to face (bootcamp)
Digital forensics and incident response (DFIR) is the science of gathering, preserving, analyzing, and presenting digital information and evidence in the organization. This is also known as the Blue Team.
This field is relevant to corporate security professionals, government employees, and military officers and contractors, as well as anyone who relies on digital information to communicate or to conduct business.
DFIR (Blue team): Digital Forensics and Incident Response is a hugely important sector of cyber security, where your everyday security analysis is taken to the next level. While most security analysts will work out of a SIEM or SOAR platform, incident responders and forensic analysts typically work directly with a potentially compromised device. As a result, they are required to be familiar not only with a larger array of analysis tools, but also with a much stricter set of processes and procedures, as their actions are often subject to legal requirements.
After completing this course, you should be able to:
Define an incident response plan
Investigate Office files, PDF, RTF and emails for forensic purposes
Detect, analyse and contain malware and attackers
Find anomalies in network traffic
Investigate Windows and Linux systems
Use timelines to detect cyber attacks
Analyse malware and create IOCs / TTPs
Use a big data system for SIEM
Threat hunting and forensics
The format of the studies
Scope of the program: 120 academic hours
Online sessions – TBD