Tournament: DFIR NetWars
Attendance Options: In-Person
Registration: All students who register for a 4-6 day course will be eligible to play NetWars for free. Registration for this event will be through your SANS Account Dashboard the week of the event.
About DFIR NetWars: Focused on digital forensics, incident response, threat hunting, and malware analysis, this tool-agnostic approach covers everything from low-level artifacts to high-level behavioral observations.
Computer Requirements: Laptop/desktop-based
- Processor: 64-bit, x86, 2.0 GHz+
- Memory: 16GB (8GB is possible with reduced performance)
- HD: 200GB+ Free, and approximately 50GB download of evidence files and virtual machines
- Interface: USB 3.0 | Type-A or dongle with Type-A
- Operating System: Windows 10 or later, Mac OS 10.15 or later, Linux
- Virtualization Software: VMware - Students are expected to either provide their own forensics tools or use the local VMware VM tools that we provide.
- Extra Requirements: Files downloads are required to participate.
Recommended For: Experienced Digital Forensic Analysts, Forensic Examiners, Media Exploitation Examiners, Malware Analysts, Incident Responders, Threat Hunters, Security Operations Center (SOC) Analysts, Law Enforcement Officers, Federal Agents, Detectives, and Cyber Crime Investigators.
Disciplines: Digital Forensics, Incident Response.
Example Topics:
- Threat Hunting
- Malware Analysis
- SIFT Workstation
- Media Exploitation
- Artifact Analysis
- Rapid Triage
- Malicious attacks
- Network traffic analysis
- Reverse engineering and debugging
- Intrusion detection
Interactive Scenario: As a DFIR specialist, you are provided with evidence files from a series of mysterious compromised systems and conventional computing environments. Your mission? Use your DFIR skills to shed light on attack vectors, indicators of compromise, and other evidence needed to resolve the incident.
Tournament: Cyber Defense NetWars
Attendance Options: In-Person
Registration: All students who register for a 4-6 day course will be eligible to play NetWars for free. Registration for this event will be through your SANS Account Dashboard the week of the event.
About Cyber Defense NetWars: Focused on preventing, analyzing, and defending against complex real-world attack scenarios, including brute-force attacks and ransomware campaigns.
Computer Requirements: Laptop/desktop-based
- Processor: 64-bit, x86, 2.0 GHz+
- Memory: 16GB (8GB is possible with reduced performance)
- HD: 40GB+ Free
- Operating System: Windows 10 or later, Mac OS 10.15 or later, Linux
- Virtualization Software: VMware
- Extra Requirements: Files downloads are required to participate.
Recommended For: Experienced Security Administrators, Enterprise Defenders, Architects, Network Engineers, Incident Responders, Security Operations Specialists, Security Analysts, and Builders and Breakers.
Disciplines: Cyber Defense, Blue Team.
Example Topics:
- Cyber Defense
- Threat Hunting
- Log Analysis
- Packet Analysis
- Cryptography
- Windows Administration
- Linux Administration
- Network Security Monitoring
- Continuous Security Monitoring
- Steganography
Interactive Scenario: Chaos reigns in the seven kingdoms' houses. Families are supposed to be united, yet, as you are brought in to help protect the kingdoms, there is infighting over the next heir to the throne. Prominent houses are starting to take sides and secret attacks are on the rise. Are you ready to help defend the seven kingdoms?