We are opening this Summit to the community. Register now for FREE!


Free Summit: July 22-23 | Training: July 26-31 | Summit CPE Credits: 12
Co-Chairs: Heather Mahalik & Phil Hagen

side_by_side_top_event_site.png

The annual SANS Digital Forensics & Incident Response (DFIR) Summit is the most comprehensive DFIR event of the year, bringing together a passionate and influential group of experts, cutting edge research and tools, immersive training, and industry networking opportunities. Over the course of this Live Online training event, you'll enjoy:

  • Highly Technical Summit Talks - The industry's top practitioners will share their latest digital forensics and incident response research, solutions, tools, and case studies. You’ll have more than 20 talks to choose from, plus lots of new virtual event features that will have you schooled up before the week is out.

  • A One-of-a-Kind Virtual Networking Experience - This Live Online event offers exclusive access to connect with your fellow DFIR community, leading experts and analysts, as well as SANS instructors and staff. Attendees tell us time and again that one of the greatest takeaways from a SANS Summit is the many industry connections they forge or deepen during their time with us.

  • Closely Aligned SANS DFIR Live Online Courses - Enhance your knowledge base and add to your toolkit with a hands-on, immersive course taught by top SANS instructors and course authors.

  • DFIR NetWars - The Coin Slayer! (July 29 & July 30) - Now with new questions and more interactive challenges! - Students enrolled in courses at the DFIR Summit & Training from July 26-31 can join us for everyone's favorite incident simulator packed with a vast amount of forensic, malware analysis, threat hunting, and incident response challenges designed to help you gain proficiency without the risk associated when working real life incidents. Earn DFIR course coins by correctly answering all questions from all four levels of one or more of the eight DFIR domains. Leave with a motherlode of coinage! As a paid course registrant for SANS DFIR Summit 2021, you will receive an email invitation the week of the event detailing how to confirm your spot and join online. You will need to follow the steps in the email to join the tournament.

Please note: Your SANS DFIR Summit registration information will NOT be shared with any third-party vendors.
The DFIR Solutions Track will be held in tandem with the Summit requires a separate registration. During the Solutions Track registration process, you may be asked to consent that SANS may provide my contact information to a third-party sponsor. You can register for the Solutions Track here.

side_by_side_event_site_3.png


Who Should Attend

Every year, forensic and incident response professionals from around the world attend the SANS DFIR Summit to learn how to overcome their latest obstacles, learn about the latest open-source forensic tools, share methods and strategies proven effective in their investigations, and learn from the top DFIR practitioners in the industry.

The knowledge shared over just two days is enough to last the entire year. Whether this is your first or fourteenth DFIR Summit, you’ll be joining a community that is driven by the search for truth in digital forensics and eradicating adversaries from their target environment through incident response engagements.

Ask any of the returning attendees - a key benefit is that you’ll have the opportunity to network with other like-minded DFIR professionals. If you work in digital forensics or incident response, the SANS DFIR Summit is the must-attend event of the year.


Ken Johnson Scholarship 2021

In memory of Ken Johnson, the SANS Institute and KPMG LLP created a scholarship that was introduced at the SANS DFIR Summit in June 2016 and will be awarded annually. Learn more and submit your application here.


CPEs & Certificate of Completion

- You will get 12 CPEs for attending the SANS DFIR Summit. (6 for each day you attend)
- If you attend the DFIR Summit Solutions Track you will receive 6 CPEs.
- Currently, we are not able to issue CPEs to those that view the Summit or Solutions Track recordings.
- A Certificate of Completion will be available in your account after the Summit’s conclusion.
- SANS will automatically submit your CPEs to GIAC within 7-10 days after the event’s end date of [July 31] - No action is required on your part.

Boost Expertise with a Bundled Course

Choose from a number of hands-on, immersion-style SANS Live Online courses to help you expand your information security expertise. SANS courses are taught by experienced practitioners who are among the best cybersecurity instructors in the world. They will provide you with the guidance and skills you need to protect your organization and advance your career.

If you are looking for in-person SANS Training, check out these top SANS DFIR courses being offered in-person the week of July 26-31 in Austin, TX.


Summit Agenda

What Attendees Say About Their DFIR Summit Experience

The Summit informed me of the latest forensic advancements that I would not otherwise hear about.
Al Hirst
- N.I.S.T.
The DFIR Summit never disappoints and is still the #1 DFIR event. As a leader, it allows me to keep a pulse on cutting-edge research.
Brad Garnett
- Cisco Talos
Every talk has a little nugget that you can add to your forensic toolbox no matter what your forensic wheelhouse may be. This is a must-attend event.
A. Sparling
I think this is the very best event in the DFIR Community, bar none. The combination of the best networking opportunities and the world's best instructors and content can't be beat.
John McCash
- Northern Trust

    Important Dates

    Refund Date
    July 5, 2021