SANS Training in İstanbul, 12-17th November 2012



FOR508: Advanced Computer Forensic Analysis and Incident Response
Overview
DAY 0: A 3-letter government agency contacts you to say that critical information was stolen from a targeted attack on your organization. Don't ask how they know, but they tell you that there are several breached systems within your enterprise. You are compromised by an Advanced Persistent Threat, aka an APT - the most sophisticated threat you are likely to face in your efforts to defend your systems and data.

Over 90% of all breach victims learn of a compromise from third party notification, not from internal security teams. In most cases, adversaries have been rummaging through your network undetected for months or even years. Gather your team - it's time to go hunting.

FOR508: Advanced Computer Forensic Analysis and Incident Response will help you determine:

  1. How did the breach occur?
  2. What systems were compromised?
  3. What did they take? What did they change?
  4. How do we remediate the incident?

The updated FOR508 trains digital forensic analysts and incident response teams to identify, contain, and remediate sophisticated threats-including APT groups and financial crime syndicates. A hands-on lab-developed from a real-world targeted attack on an enterprise network-leads you through the challenges and solutions. You will identify where the initial targeted attack occurred and which systems an APT group compromised. The course will prepare you to find out which data was stolen and by whom, contain the threat, and provide your organization the capabilities to manage and counter the attack.

During a targeted attack, an organization needs the best incident responders and forensic analysts in the field. FOR508 will train you and your team to be ready to do this work.
 
For course syllabus and all other information see:

0 yorum: