45+ Cyber Security Courses at SANS 2019 in Orlando! Save up to $200 thru 2/27.

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

FOR508 - Advanced Incident Response and Threat Hunting Course Updates: Hunting Guide

  • Monday, November 21st, 2016 at 1:00 PM EST (18:00:00 UTC)
  • Rob Lee
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

You can now attend the webcast using your mobile device!

Overview

SANS authors update course materials two to three times per year to address the latest threats, tools, and methodologies. This fall, the latest version of the FOR508 Digital Forensics, Incident Response & Threat Hunting course debuted. This update begins to shift the focus of the course even more into Threat Hunting methodologies in addition to the Incident Response focus that we have. The update includes a brand new section on how adversaries gain privileged access inside your windows enterprise environments and discusses the latest windows technologies that are mitigating them. Students will learn how adversaries laterally move around your environment. A brand new section on Windows Event Log analysis for incident responders and threat hunters will show hunting teams how to track lateral movement across the enterprise and how to capture even more advanced utilization of powershell exploitations that attackers are utilizing. The latest updates are critical to anyone using their skills in incident response or hunting across multiple phases of an adversarys kill chain.  Were really excited to make an already great course even better - and hope you can join us to learn more.

Please visit sans.org/for508 to learn more or to view the course run schedule

Speaker Bio

Rob Lee

Rob Lee is a SANS fellow and the curriculum lead and author for digital forensic and incident response training at the SANS Institute. With more than 15 years of experience in computer forensics, vulnerability and exploit discovery, intrusion detection/prevention and incident response, he provides consulting services in the Washington, D.C. area. Before starting his own business, Rob worked with government agencies in the law enforcement, defense and intelligence communities as a lead for vulnerability discovery and exploit development teams, a cyber forensics branch, and a computer forensic and security software development team. He also worked for a leading incident response service provider and co-authored Know Your Enemy: Learning About Security Threats, 2nd Edition.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.