Start in DFIR Resources | SANS Institute

The Godfather of Forensics: How to Leverage Your "Year One" to Get an Offer You Cannot Refuse

Watch Rob Lee, SANS Chief Curriculum Director & Faculty Lead, share his DFIR origin story.

Reflecting on 20 years in the industry, he discusses mistakes made, lessons learned, and advice to new professionals on how to go from their first job to their dream job.

View More Summit Videos Explore Upcoming Summits

3MinMax Beginners: Bite-Sized Videos to Get Up to Speed Quickly in Digital Forensics and Incident Response

This video series by SANS instructor and author Kevin Ripa offers snapshots into the industry so you can explore multiple topics within cyber security and DFIR.

Choose from 200 videos!

Watch More Videos in this Series

More DFIR Origin Stories

Watch the video as SANS DFIR Curriculum Lead Heather Mahalik walks you through her lessons learned and tips to help you along your journey into DFIR.

Read about how Kevin Ripa, SANS Senior Instructor, and 25-year digital investigation veteran, stumbled into cyber forensics by chance and how a career shift into DFIR can happen at any time.

Watch on YouTube Read Kevin's Story

What Students Say About Learning From Industry Experts

Read what SANS alumni say about learning from leading DFIR instructors, such as Rob Lee, Kevin Ripa, and Heather Mahalik.

Rob is awesome! I really enjoy how he throws in some real world encounters

Ryan Gabet

- Cisco Systems Inc.

I enjoy how Kevin provides students with real-world scenarios and experiences that relate to the material he is discussing.

Jeff Spurlock

- Nevada National Guard

OMG!!! Heather just showed me something that is going to completely change the way I do forensics.

Jeff Madsen

- WA State DSHS

Free Course Demos

New Cyber Trends & Training in 2023

2023 Security Awareness Report

Security Policy Templates

Join the Community

Our Mission

Resources for Starting in DFIR

What Students Say About Learning From Industry Experts

Keep Exploring