SIFT and REMnux: Wonder Twin Powers Activate!

  • Friday, February 26th, 2016 at 1:00 PM EST (18:00:00 UTC)
  • Rob Lee and Lenny Zeltser
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account.

Overview

SANS faculty members Lenny Zeltser and Rob Lee maintain two popular Linux distributions for digital forensics and incident response (DFIR) work. SIFT Workstation™ is a powerful toolkit for examining forensic artifacts related to file system, registry, memory, and network investigations. REMnux® focuses on malware analysis and reverse-engineering tasks. The newly released poster provides a reference for getting started with these freely available toolkits, so you can create the ultimate forensication machine. This webcast will provide a core intro to both the SIFT Workstation and REMnux -- installation, utilization, and some key techniques for incident response, forensics, and malware analysis.

Join us at the Digital Forensics & Incident Response Summit in June!

The 9th annual Digital Forensics and Incident Response Summit will once again be held in the live music capital of the world, Austin, Texas. The Summit brings together DFIR practitioners who share their experiences, case studies and stories from the field. Summit attendees will explore real-world applications of technologies and solutions from all aspects of the fields of digital forensics and incident response, all in one single place.

Summit Dates: June 23-24 | Training Course Dates: June 25-30 | Register at sans.org/dfirsummit

Speaker Bios

Rob Lee

Rob Lee is an entrepreneur and consultant in the Washington DC area, specializing in information security, incident response, and digital forensics. Rob is currently the curriculum lead and author for digital forensic and incident response training at the SANS Institute in addition to owning his own firm. Rob has more than 15 years of experience in computer forensics, vulnerability and exploit discovery, intrusion detection/prevention, and incident response.

Rob graduated from the U.S. Air Force Academy and served in the U.S. Air Force as a founding member of the 609th Information Warfare Squadron, the first U.S. military operational unit focused on information warfare. Later, he was a member of the Air Force Office of Special Investigations (AFOSI) where he led a team conducting computer crime investigations, incident response, and computer forensics. Prior to starting his own firm, he directly worked with a variety of government agencies in the law enforcement, U.S. Department of Defense, and intelligence communities as the technical lead for a vulnerability discovery and an exploit development team, lead for a cyber forensics branch, and lead for a computer forensic and security software development team. Rob was also a director for MANDIANT, a company focused on investigating advanced adversaries, such as the APT, for four years prior to starting his own business.

Rob co-authored the book Know Your Enemy, 2nd Edition. Rob earned his MBA from Georgetown University in Washington DC. He was awarded the Digital Forensic Examiner of the Year from the Forensic 4Cast Awards. Rob is also an ardent blogger about computer forensics and incident response topics at the SANS Computer Forensic Blog. Rob is also a co-author of the MANDIANT threat intelligence report M-Trends: The Advanced Persistent Threat.


Lenny Zeltser

Lenny Zeltser has written his share of cybersecurity reports and other content during his tenure in the industry. He'll share with you the writing tips he has picked up along the way. Lenny is a senior faculty member at SANS and VP of Products at Minerva Labs. Earlier in his career, he served as a Director of Product Management at a Fortune 500 company with a focus on security software and services. Previously, he led the enterprise security consulting practice at a major cloud services provider. A frequent public speaker and writer, Lenny has co-authored books on network security and malicious software. Lenny holds an MBA from MIT Sloan and a Computer Science degree from the University of Pennsylvania. He blogs at zeltser.com/blog.
