Getting Started with the SIFT Workstation

  • Friday, 10 Nov 2017 1:00PM EST (10 Nov 2017 18:00 UTC)
  • Speaker: Rob Lee

An international team of forensics experts helped create the SIFT Workstation and made it available to the whole community as a public service. The free SIFT Workstation, that can match any modern forensic tool suite, is also featured in SANS FOR508: Advanced Threat Hunting and Incident Response course (https://www.sans.org/FOR508). It demonstrates that advanced investigations and responding to intrusions can be accomplished using cutting-edge open-source tools that are freely available and frequently updated. SIFT has become the most popular download on the SANS website. Over the past year, 20,000 individuals have downloaded the SIFT workstation and it has become a staple in many organizations key tools to perform investigations. This session will demonstrate some of the key tools and capabilities of the suite. You will learn how to leverage this powerful tool in your incident response capability in your organizations.