Talk With an Expert

SANS DFIR Europe Prague 2025

  • Sun, Sep 28 - Sat, Oct 4, 2025
  • 8 Courses
  • 1 Tournament
  • English
Vienna House By Wyndham Andels Prague & Virtual (CET)
Stroupežnického 21, 150 00 Praha 5-Smíchov
Prague, Bridge
Early Bird Offer

Save 250 EUR using the code "EarlyBirdEMEA-EURO" and pay for any 4-6 day course (excluding Beta Courses) by August 28, 2025.

Register

Summit and Course Registration

from €7,715 EUR
In personIncludes
  • Course: Live Instructor Training with Hands-on Exercises
  • Summit: Talks, Presentations and Workshops
  • DFIR Netwars Tournament
Live onlineIncludes
  • Course: Virtual Live Instructor Training with Hands-on Exercises
  • Summit: Select Talks and Content
  • Summit: Interactive Chat on Slack

Summit Registration Only

from €600 EUR
€600 EUR*Prices exclude applicable local taxes
In personIncludes
  • Free Lunch and Snacks
  • Interactive Talks and Sessions
  • Networking with Peers
Attend In PersonLogin to register

Courses

Looking for Group Purchasing? Contact Us

Showing 8 of 8
Filter by:

FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics

Intermediate
FOR508Digital Forensics and Incident Response
FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics
  • GIAC Certified Forensic Analyst
  • 6 Days
  • 36 CPEs
  • Steve Anson
  • Starts 29 Sep 2025 at 8:30 AM CET
  • €8,230 EUR (Course)
  • €905 EUR (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-PersonVirtual

FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques

Advanced
FOR610Digital Forensics and Incident Response
FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques
  • GIAC Reverse Engineering Malware
  • 6 Days
  • 36 CPEs
  • Lenny Zeltser
  • Starts 29 Sep 2025 at 8:30 AM CET
  • €8,230 EUR (Course)
  • €905 EUR (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-PersonVirtual

FOR500: Windows Forensic Analysis

Essentials
FOR500Digital Forensics and Incident Response
FOR500: Windows Forensic Analysis
  • GIAC Certified Forensic Examiner
  • 6 Days
  • 36 CPEs
  • Jess Garcia
  • Starts 29 Sep 2025 at 8:30 AM CET
  • €8,230 EUR (Course)
  • €905 EUR (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-Person

FOR518: Mac and iOS Forensic Analysis and Incident Response

Intermediate
FOR518Digital Forensics and Incident Response
FOR518: Mac and iOS Forensic Analysis and Incident Response
  • GIAC iOS and macOS Examiner
  • 6 Days
  • 36 CPEs
  • Sarah Edwards
  • Starts 29 Sep 2025 at 8:30 AM CET
  • €8,230 EUR (Course)
  • €905 EUR (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-PersonVirtual

FOR578: Cyber Threat Intelligence

Intermediate
FOR578Digital Forensics and Incident Response
FOR578: Cyber Threat Intelligence
  • GIAC Cyber Threat Intelligence
  • 6 Days
  • 36 CPEs
  • Jim Simpson
  • Starts 29 Sep 2025 at 8:30 AM CET
  • €8,230 EUR (Course)
  • €905 EUR (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-Person

FOR498: Digital Acquisition and Rapid Triage

Essentials
FOR498Digital Forensics and Incident Response
FOR498: Digital Acquisition and Rapid Triage
  • GIAC Battlefield Forensics and Acquisition
  • 6 Days
  • 36 CPEs
  • Jason Jordaan
  • Starts 29 Sep 2025 at 8:30 AM CET
  • €8,230 EUR (Course)
  • €905 EUR (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-PersonVirtual

FOR509: Enterprise Cloud Forensics and Incident Response

Intermediate
FOR509Digital Forensics and Incident Response
FOR509: Enterprise Cloud Forensics and Incident Response
  • GIAC Cloud Forensics Responder
  • 6 Days
  • 36 CPEs
  • Megan Roddie-Fonseca
  • Starts 29 Sep 2025 at 8:30 AM CET
  • €8,230 EUR (Course)
  • €905 EUR (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-PersonVirtual

FOR589: Cybercrime Investigations

Major UpdatesIntermediate
FOR589Digital Forensics and Incident Response
FOR589: Cybercrime Intelligence
  • 5 Days
  • 30 CPEs
  • Kevin Ripa
  • Starts 29 Sep 2025 at 9:00 AM CET
  • €7,715 EUR (Course)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-PersonVirtual

Chaired By

Jess Garcia
Jess Garcia

Jess Garcia

Founder

Jess Garcia is the founder and technical lead of One eSecurity, a global Information Security company specialized in Incident Response and Digital Forensics.

Read more about Jess Garcia

Schedule

Keynotes & Talks

Learn from industry leaders sharing key security insights.

Course Training

Daily required course training hours throughout the week.

Bonus Session

Engage in extra learning and activities during SANS events.

Showing 2 of 6
Filter by:

Defending AI with an APE

When it comes to attacks on generative AI, Prompt Injection is everywhere. So everywhere, in fact, that it’s starting to lose all meaning. If everything is Prompt Injection, then nothing really is — right? In this talk, we’ll go beyond the buzzword and into the world of APE: a structured, practical taxonomy designed for the teams on the front lines, Red Teams, SOCs, Incident Response, and Intelligence. APE helps make sense of the chaos by categorising how adversaries are actually targeting AI systems. Whether you're testing defences, triaging incidents, tracking threat actors, or just trying to figure out what’s going wrong with your chatbot at 3 a.m., APE gives you the vocabulary and framework to work smarter. Because let’s be honest, AI isn’t going anywhere, and neither are the people trying to break it.

06:00PM - 07:00PM CEST
In-Person & Virtual

Rethinking Digital Forensics in Incident Response

The term DFIR has become really popular over the last several years and is used as an all-encompassing term for digital forensics and incident response. But the reality is that there is actually an inherent contradiction between digital forensics and incident response, because the actual end goals of digital forensics and incident response are actually not the same. The reality is that for most organizations, incident response focuses on making the pain go away, and maybe improving security going forward. Thinking about a legal outcome is far from the reality for most organizations.

07:00PM - 08:00PM CEST
In-Person & Virtual

The Changing Role of a Security Leader and What It Means to You

As the world of information technology continues to change, so does the role of the security leader. Whether you're a CISO, Director of Security, or someone aspiring for such a position, you should consider how the current trends in IT and business affect your professional journey. Does your current approach to security leadership set you up for success?

Attend this session to learn how experienced CISOs:

- Align their security strategy to the business it aims to support

- Ask the right questions to excel in challenging situations

- Gain support for their efforts from non-security stakeholders

- Use technical and communication skills to their advantage

Those of us whose professional roots are grounded in technology often look at enterprise defenses from the perspective of the threats. While understanding the relationship between attacks and defenses is important, it's no longer sufficient. Attend this session to learn how to think about the role of a modern security leader to succeed in today's business environment.

06:00PM - 07:00PM CEST
In-Person & Virtual

Your Journey to the GenAI-DFIR Era Starts Today

How exactly is Generative AI (GenAI) changing the way Forensicators & Hunters work today? In this talk Jess Garcia will answer that question by presenting everything you need to know to integrate GenAI in your everyday DFIR tasks and get ready for this new era.

07:00PM - 08:00PM CEST
In-Person & Virtual

Tournament: DFIR NetWars

Registration: All students who register for a 4–6 day course will be eligible to play NetWars for free. Registration for this event will be through your SANS Account Dashboard the week of the event.

About DFIR NetWars: Focused on digital forensics, incident response, threat hunting, and malware analysis, this tool-agnostic approach covers everything from low-level artifacts to high-level behavioral observations.

06:30PM - 09:30PM CEST
In-Person

Tournament: DFIR NetWars

Registration: All students who register for a 4–6 day course will be eligible to play NetWars for free. Registration for this event will be through your SANS Account Dashboard the week of the event.

About DFIR NetWars: Focused on digital forensics, incident response, threat hunting, and malware analysis, this tool-agnostic approach covers everything from low-level artifacts to high-level behavioral observations.

06:30PM - 09:30PM CEST
In-Person

Prague, Czech Republic

Vienna House By Wyndham Andels Prague

Prague enchants visitors with its fairytale architecture, from the iconic Charles Bridge to the towering spires of Prague Castle. The city’s cobblestone streets and charming Old Town Square are steeped in centuries of history. You can enjoy world-class beer in cozy pubs and soak in the laid-back, artistic vibe. With its blend of Gothic, Baroque, and modern influences, Prague feels like stepping into a storybook.

Prague, City View

3 Reasons To Stay At The Event Venue

  • Ultimate Convenience

    Eliminate the hassle of daily commutes and wasted travel time. You’ll have everything you need—from your training to dining and amenities - all in one centralized, convenient location.

  • Seamless Networking Opportunities

    Stay where the action is! Maximize your chances to connect with fellow cybersecurity professionals and industry leaders - from impromptu conversations in the lobby to exclusive after-hours events.

  • All Day, All Event Access

    SANS live training events include bonus sessions exclusively at the venue. Staying on-site ensures you won’t miss these opportunities to grow your network and engage with peers beyond the conference agenda.

People at laptops smiling

Location Information