SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsMaster threat hunting techniques and learn to identify, analyze, and respond to incidents on Linux platforms. This poster highlights key processes and artifacts related to common attacks, along with effective tools and techniques for investigation. Use it as a handy cheat-sheet to remember where to find essential Linux artifacts, how to analyze them, and when they may be useful during an investigation. This poster is a resource developed from the FOR577: Linux Incident Response and Threat Hunting course, reflecting the expertise taught in the class, and was created by SANS Instructors Kat Hedley and Taz Wake.
Kathryn Hedley has led various forensic teams since 2010, spending three years embedded within a cross-organizational team, liaising directly with multiple clients. She is currently a Director and Digital Forensic Specialist for Khyrenz Ltd.
Learn moreWith FOR577, Taz has authored the first course to systematize threat hunting on Linux systems. His operational leadership—from military intelligence to heading a FTSE100 CSIRT—has fortified global cyber defense capabilities across sectors.
Learn more