Start in DFIR Resources | SANS Institute

The Godfather of Forensics: How to Leverage Your "Year One" to Get an Offer You Cannot Refuse

Watch Rob Lee, SANS Chief Curriculum Director & Faculty Lead, share his DFIR origin story.

Reflecting on 20 years in the industry, he discusses mistakes made, lessons learned, and advice to new professionals on how to go from their first job to their dream job.

View More Summit Videos Explore Upcoming Summits

3MinMax Beginners: Bite-Sized Videos to Get Up to Speed Quickly in Digital Forensics and Incident Response

This video series by SANS instructor and author Kevin Ripa offers snapshots into the industry so you can explore multiple topics within cyber security and DFIR.

Choose from 200 videos!

Watch More Videos in this Series

More DFIR Origin Stories

See inspiring stories about how industry experts got started in digital forensics and incident response, along with tips to help you on your journey.

Watch the video as SANS DFIR Curriculum Lead Heather Mahalik walks you through lessons learned and methods to get the most out of DFIR and enhance your daily work in What Makes a Solid DFIR Professional – How to Keep Growing in The Field and Not Lose Your Luster.

Watch on YouTube

What Students Say About Learning From Industry Experts

Read what SANS alumni say about learning from leading DFIR instructors, such as Rob Lee, Kevin Ripa, and Heather Mahalik.

Rob is awesome! I really enjoy how he throws in some real world encounters

Ryan Gabet

- Cisco Systems Inc.

I enjoy how Kevin provides students with real-world scenarios and experiences that relate to the material he is discussing.

Jeff Spurlock

- Nevada National Guard

OMG!!! Heather just showed me something that is going to completely change the way I do forensics.

Jeff Madsen

- WA State DSHS

Train and Certify

Manage Your Team

Security Awareness

Resources

Get Involved

About

Resources for Starting in DFIR

What Students Say About Learning From Industry Experts

Keep Exploring