Ending Soon! Get an iPad Air with Smart Keyboard, Surface Go, or $300 Off thru Dec 11 with OnDemand or vLive Training!


To attend this webcast, login to your SANS Account or create your Account.

Bringing DevOps to DFIR

  • Friday, May 29th, 2015 at 3:00 PM EDT (19:00:00 UTC)
  • Barry Anderson
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

You can now attend the webcast using your mobile device!


This webcast will discuss the benefits of bringing a DevOps mindset to DFIR and detail how to automate the evidence processing phase of a "typical" enterprise DFIR investigation using the Jenkins Continuous Integration server atop the SIFT workstation. Barry will discusses the library of Jenkins jobs that have been built up to encapsulate the Six Step process from SANS FOR508 - Advanced Digital Forensics and Incident Response, as well as the advantages of using the ELK (Elasticsearch, Logstash, Kibana) stack for timeline visualization. Finally he will detail Forensicator FATE, the lightweight DFIR case manager that abstracts away the complexity of Jenkins, allowing the forensicator's time to be spent analyzing, versus processing, the evidence.

Hear more from Barry at the DFIR Summit & Training in Austin, July 7-8th.

Why should you attend?

  • DFIR-Focused Training - Seven DFIR courses with top-rated industry expert instructors.
    • FOR408, FOR508, FOR526, FOR572, FOR610, SEC504 and the NEW FOR578
  • Summit Talks - Two days of trending talks with over 30 expert DFIR speakers.
  • DFIR NetWars - Two nights of hands-on, interactive learning enabling you to develop and master the skills needed to excel. Free when you register for a class!
  • Networking - Opportunities for real discussions with the best leaders in the community.

Register Today to learn what the experts know and get the training and knowledge you need to advance your DFIR career.

Speaker Bio

Barry Anderson

Barry has over 20 years of experience in IT Security, specializing in Firewalls, Internet Security and Internet Infrastructure. He has provided a wide range of information security, systems and network administration consulting services to the financial and telecommunications sectors of private industry. He has BSc Comp Sci, GSEC (Gold, Hons) and GFOR (Gold, Hons) certifications and is a member of AISA and ISACA.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.