Advance your Career with Hands-on Cyber Security Training in San Francisco. Save $350 thru 5/29.

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

From Seizure to Actionable Intelligence in 90 Minutes or Less

  • Thursday, May 2nd, 2019 at 10:30 AM EDT (14:30:00 UTC)
  • Kevin Ripa
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

You can now attend the webcast using your mobile device!

Overview

An effective battlefield forensicator must investigate large amounts of data quickly while maintaining data collection integrity and defensibility, often within high-stress environments. SANS is proud to introduce the FOR498: Battlefield Forensics & Data Acquisition, a new course authored by Instructors Eric Zimmerman and Kevin Ripa. This webcast will give you an overview of the contents of the 6 day course and the myriad of topics being covered. We will also dive deeper into a couple of the highlights, including booting an .E01 file in VMware to view the contents as though we were sitting at the subjects computer without spoliating the source evidence; discussing non-traditional acquisitions, and write blocking of devices that dont lend themselves to the traditional methods of protecting source data. We will cover a lot of ground in a little time, so bring a seatbelt!

Speaker Bio

Kevin Ripa

Kevin serves as president of The Grayson Group of Companies, which consists of Computer Evidence Recovery, Pro Data Recovery Inc., and J.S. Kramer & Associates, Inc. He provides investigative services to various levels of law enforcement, Fortune 500 companies, and the legal community. As a 25-year veteran of the digital investigations field, Kevin has designed, produced, hosted, and taught numerous industry-related courses, and has had over 100 speaking and training engagements with industry and law enforcement around the world. He holds a number of industry certifications, including four GIAC certifications (GCFE, GCFA, GSEC, GISF), EnCase Certified Examiner, Certified Data Recovery Professional, and more. 

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.