Interactive, live-stream cybersecurity training, August 17 (MDT). Register by tomorrow to save $150.


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Sorry, the slides for this webcast are not available for download.

Bringing DevOps to DFIR

  • Friday, May 29, 2015 at 3:00 PM EDT (2015-05-29 19:00:00 UTC)
  • Barry Anderson

You can now attend the webcast using your mobile device!



This webcast will discuss the benefits of bringing a DevOps mindset to DFIR and detail how to automate the evidence processing phase of a "typical" enterprise DFIR investigation using the Jenkins Continuous Integration server atop the SIFT workstation. Barry will discusses the library of Jenkins jobs that have been built up to encapsulate the Six Step process from SANS FOR508 - Advanced Digital Forensics and Incident Response, as well as the advantages of using the ELK (Elasticsearch, Logstash, Kibana) stack for timeline visualization. Finally he will detail Forensicator FATE, the lightweight DFIR case manager that abstracts away the complexity of Jenkins, allowing the forensicator's time to be spent analyzing, versus processing, the evidence.

Hear more from Barry at the DFIR Summit & Training in Austin, July 7-8th.

Why should you attend?

  • DFIR-Focused Training - Seven DFIR courses with top-rated industry expert instructors.
    • FOR408, FOR508, FOR526, FOR572, FOR610, SEC504 and the NEW FOR578
  • Summit Talks - Two days of trending talks with over 30 expert DFIR speakers.
  • DFIR NetWars - Two nights of hands-on, interactive learning enabling you to develop and master the skills needed to excel. Free when you register for a class!
  • Networking - Opportunities for real discussions with the best leaders in the community.

Register Today to learn what the experts know and get the training and knowledge you need to advance your DFIR career.

Speaker Bio

Barry Anderson

Barry has over 20 years of experience in IT Security, specializing in Firewalls, Internet Security and Internet Infrastructure. He has provided a wide range of information security, systems and network administration consulting services to the financial and telecommunications sectors of private industry. He has BSc Comp Sci, GSEC (Gold, Hons) and GFOR (Gold, Hons) certifications and is a member of AISA and ISACA.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.