
This webcast has been archived. To view the webcast, log in to your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

SIFT and REMnux: Wonder Twin Powers Activate!

  • Friday, February 26, 2016 at 1:00 PM EST (2016-02-26 18:00:00 UTC)
  • Lenny Zeltser, Rob Lee


  

Overview

SANS faculty members Lenny Zeltser and Rob Lee maintain two popular Linux distributions for digital forensics and incident response (DFIR) work. SIFT Workstation™ is a powerful toolkit for examining forensic artifacts related to file system, registry, memory, and network investigations. REMnux® focuses on malware analysis and reverse-engineering tasks. The newly released poster provides a reference for getting started with these freely available toolkits, so you can create the ultimate forensication machine. This webcast will provide a core intro to both the SIFT Workstation and REMnux: installation, utilization, and some key techniques for incident response, forensics, and malware analysis.

Join us at the Digital Forensics & Incident Response Summit in June!

The 9th annual Digital Forensics and Incident Response Summit will once again be held in the live musical capital of the world, Austin, Texas. The Summit brings together DFIR practitioners who share their experiences, case studies and stories from the field. Summit attendees will explore real-world applications of technologies and solutions from all aspects of the fields of digital forensics and incident response, all in one single place.

Summit Dates: June 23-24 | Training Course Dates: June 25-30 | Register at sans.org/dfirsummit

Speaker Bios

Rob Lee

Rob Lee is the Chief Curriculum Director and Faculty Lead at the SANS Institute where he oversees the Digital Forensics, Incident Response, Cloud, Pen Testing, Audit, Application Security, and Cyber Defense curricula along with other operational functions in the company. With more than 24 years of experience in computer forensics, vulnerability and exploit discovery, intrusion detection/prevention, and incident response, he provides consulting services in the Washington, D.C. area. Before starting his own business, Rob worked with government agencies in the law enforcement, defense and intelligence communities as a lead for vulnerability discovery and exploit development teams, a cyber forensics branch, and a computer forensic and security software development team.

Rob graduated from the U.S. Air Force Academy and served in the U.S. Air Force as a founding member of the 609th Information Warfare Squadron, the first U.S. military operational unit focused on information operations. Later, he was a member of the Air Force Office of Special Investigations (AFOSI) where he led a team conducting computer crime investigations, incident response, and computer forensics. Prior to starting his own firm, he directly worked with a variety of government agencies, U.S. Department of Defense, and intelligence communities as the technical lead for a vulnerability discovery and an exploit development team, lead for a cyber forensics branch, and lead for a digital forensic and security software development team. Rob was also a director for MANDIANT, a company focused on investigating advanced adversaries, such as the APT, for five years prior to starting his own business. Rob co-authored the book Know Your Enemy, 2nd Edition. Rob earned his MBA from Georgetown University in Washington DC. Rob is also a co-author of the MANDIANT threat intelligence report M-Trends: The Advanced Persistent Threat.


Lenny Zeltser

Lenny Zeltser has written his share of cybersecurity reports and other content during his tenure in the industry. He'll share with you the writing tips he has picked up along the way. Lenny is a senior faculty member at SANS and VP of Products at Minerva Labs. Earlier in his career, he served as a Director of Product Management at a Fortune 500 company with a focus on security software and services. Previously, he led the enterprise security consulting practice at a major cloud services provider. A frequent public speaker and writer, Lenny has co-authored books on network security and malicious software. Lenny holds an MBA from MIT Sloan and a Computer Science degree from the University of Pennsylvania. He blogs at zeltser.com/blog.
