As you know, SANS authors continually update course materials to address the latest threats, tools, and methodologies. This December, the latest version of FOR572 Advanced Network Forensics Analysis goes into production, starting at Cyber Defense Initiative 2016 in Washington DC.
This update includes a more thorough integration of the latest version of the SOF-ELK distribution, for both log aggregation and NetFlow analysis. Students will learn how to load both logs and archived NetFlow to SOF-ELK for efficient, effective analysis. We've also added the Moloch full-packet analysis platform to the materials. Moloch allows the user to load live or previously-captured network traffic to a rich and scalable analysis engine. It makes quick work of hunting large captures for critical artifacts of communication.
Additionally, we added the latest versions of numerous tools, new analytic workflows, an updated custom version of the SANS Linux SIFT Workstation and lots more. Tune into this webcast to get an overview of what's new and exciting in the course starting at CDI. We're really excited to make an already great course even better - and hope you can join us for the fun at one of our upcoming events.
SANS CYBER DEFENSE INITIATIVE Washington, DC | Dec 10-17
FOR572 Advanced Smartphone Forensics Course
Instructor: Phil Hagen
For more information or to register visit: https://www.sans.org/u/krx