Steve Anson

Steve Anson is co-founder of Informed Defense ( where he provides strategic and tactical advice to a diverse range of global clientele in the areas of incident response, digital forensics, and network security. Steve is the author of Applied Incident Response ( and the co-author of Mastering Windows Network Forensics and Investigations, both released by Wiley Publishing. Steve has provided cyber security and digital investigation services for over 20 years in more than 60 countries.

As a task force agent for the Federal Bureau of Investigation and a special agent with the Defense Criminal Investigative Service, Steve conducted digital forensic examinations and led complex computer crime investigations into network intrusions, international espionage, domestic and international terrorism, fraud, crimes against children and other cases involving national security and imminent danger to life.

More About Steve

Upcoming Courses


As an instructor at the Federal Bureau of Investigation Academy, Steve trained hundreds of veteran FBI cybercrime agents in the investigation of computer network intrusion and other computer crimes. In this role, Steve also trained agents for the U.S. Secret Service, the Naval Criminal Investigative Service, the Department of Energy, the U.S. Air Force, the Defense Criminal Investigative Service, the U.S. Army and many international agencies.

As a contractor for the US State Department, Steve has trained law enforcement, prosecutors and judges in a wide range of countries, including Malaysia, Kazakhstan, Egypt, Jordan, Kyrgyzstan, Thailand, Senegal, Ethiopia, Bangladesh, Kenya, Colombia, Uganda, Tanzania, Morocco, North Macedonia, Indonesia, the Philippines and many others in cybercrime investigation and digital forensics, helping these nations establish and improve their cyber investigative capability. He has worked with many national law enforcement agencies to establish digital forensics and cyber investigation units and develop policies and procedures in line with international standards.

Steve holds an MS in Computer Science and has received numerous industry credentials, including: Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Penetration Tester (GPEN), GIAC Defending Advanced Threats (GDAT), GIAC Certified Forensic Analyst (GCFA), GIAC Python Coder (GPYC), Department of Defense Certified Computer Crime Investigator, Federal Law Enforcement Training Center Seized Computer Evidence Recovery Specialist (SCERS), EnCase Certified Examiner (EnCE), and Cellebrite Certified Mobile Examiner (CCME). Steve has served as an Adjunct Professor for George Washington University’s Master of Computer Forensics program and is a certified Lead Assessor for laboratory competence in ISO 17025:2005 with the American Association for Laboratory Accreditation. Steve is also is also a faculty member of the SANS Technology Institute, an NSA Center of Academic Excellence in Cyber Defense and multiple winner of the National Cyber League competition.



Applied Incident Response


Applied Incident Response

Mastering Windows Network Forensics and Investigation, 2nd Edition