Picture this: you approach a machine where you know an incident has occurred, but all the traditional logs are missing or have been wiped, leaving you with no clear starting point. Enter srum-dump Version 3, a brand new, free forensics tool available at github.com/MarkBaggett/srum-dump, designed to extract the Windows System Resource Usage Monitor (SRUM) database into XLSX or CSV spreadsheets for analysis. SRUM is an ESE database stored at %SystemRoot%\System32\sru\SRUDB.dat; Windows writes it from memory roughly once an hour, so the on-disk copy can lag the most recent activity, and an image taken from a live system may be missing the last hour.
This tool is a lifeline for incident responders, law enforcement, and network defenders: it reconstructs a detailed history of about 30 days of system activity, including application execution, network usage per application and user, and resource consumption, even when other logs are unavailable. In this presentation the tool's author, Mark Baggett, will demonstrate live how srum-dump lets you uncover critical evidence and rebuild the incident timeline. Join us to see how this tool can transform your forensic investigations when the odds seem stacked against you!
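Once srum-dump has produced its CSV export, the analysis step is turning rows of per-application byte counts into a timeline and a short list of triage leads. The following is an added example, not code from srum-dump or from Mark Baggett: it parses a constructed CSV sample shaped like a network-usage export (the column names TimeStamp, AppId, UserId, BytesSent and BytesRecvd are an assumption; check the header row of your own export), buckets traffic per application per hour, ranks applications by bytes sent, and flags binaries that upload far more than they download or that ran from user-writable directories.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime

# Constructed sample standing in for a srum-dump CSV export of the SRUM network
# usage table. The column names are an assumption for this example; SRUM records
# paths with a \Device\HarddiskVolumeN prefix rather than a drive letter.
SAMPLE_CSV = r"""TimeStamp,AppId,UserId,BytesSent,BytesRecvd
2024-03-01 09:00:00,\Device\HarddiskVolume3\Windows\System32\svchost.exe,S-1-5-18,1200,5400
2024-03-01 09:00:00,\Device\HarddiskVolume3\Users\alice\AppData\Local\Temp\updater.exe,S-1-5-21-1-2-3-1001,5000000,200000
2024-03-01 10:00:00,\Device\HarddiskVolume3\Users\alice\AppData\Local\Temp\updater.exe,S-1-5-21-1-2-3-1001,7000000,150000
2024-03-01 10:00:00,\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe,S-1-5-21-1-2-3-1001,30000,900000
"""

# Directories a legitimate service rarely runs from; hypothetical list for triage.
SUSPECT_DIR_MARKERS = ("\\AppData\\Local\\Temp\\", "\\Downloads\\", "\\Public\\")


def parse_srum_csv(text):
    """Parse a srum-dump style CSV export into rows with typed fields."""
    rows = []
    for rec in csv.DictReader(io.StringIO(text)):
        rows.append({
            "ts": datetime.strptime(rec["TimeStamp"], "%Y-%m-%d %H:%M:%S"),
            "app": rec["AppId"],
            "user": rec["UserId"],
            "sent": int(rec["BytesSent"]),
            "recvd": int(rec["BytesRecvd"]),
        })
    return rows


def hourly_timeline(rows):
    """Bytes (sent, received) per (application, hour) bucket: the raw timeline."""
    buckets = defaultdict(lambda: [0, 0])
    for r in rows:
        key = (r["app"], r["ts"].strftime("%Y-%m-%d %H:00"))
        buckets[key][0] += r["sent"]
        buckets[key][1] += r["recvd"]
    return {k: tuple(v) for k, v in buckets.items()}


def top_senders(rows, n=5):
    """Applications ranked by total bytes sent over the whole export."""
    totals = defaultdict(int)
    for r in rows:
        totals[r["app"]] += r["sent"]
    return sorted(totals.items(), key=lambda kv: kv[1], reverse=True)[:n]


def upload_heavy_apps(rows, ratio=10.0, min_sent=1_000_000):
    """Applications whose outbound volume dwarfs inbound volume. This is a
    triage lead for exfiltration, not proof of it: backup agents and sync
    clients produce the same shape and must be ruled out by hand."""
    sent, recvd = defaultdict(int), defaultdict(int)
    for r in rows:
        sent[r["app"]] += r["sent"]
        recvd[r["app"]] += r["recvd"]
    return sorted(
        app for app in sent
        if sent[app] >= min_sent and sent[app] > ratio * max(recvd[app], 1)
    )


def apps_in_user_writable_paths(rows):
    """Executables that generated traffic while running from temp or download dirs."""
    return sorted({
        r["app"] for r in rows
        if any(m.lower() in r["app"].lower() for m in SUSPECT_DIR_MARKERS)
    })


if __name__ == "__main__":
    rows = parse_srum_csv(SAMPLE_CSV)
    timeline = hourly_timeline(rows)
    for (app, hour), (s, rcv) in sorted(timeline.items(), key=lambda kv: kv[0][1]):
        print(f"{hour}  sent={s:>10}  recvd={rcv:>10}  {app}")
    print("top senders:", top_senders(rows, 3))
    print("upload-heavy:", upload_heavy_apps(rows))
    print("user-writable paths:", apps_in_user_writable_paths(rows))
```

The hourly buckets are what you line up against whatever other evidence survives (browser history, prefetch, a firewall log from upstream); the two flag functions only narrow the list of applications worth looking at first. SRUM attributes traffic to the executable path and the user SID, not to a process instance, so a renamed or replaced binary at a legitimate path will still blend in here.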
Mark Baggett has revolutionized cybersecurity through his leadership at SANS. His development of tools like Freq Server has strengthened threat detection, while his work in automation has empowered professionals to defend against evolving threats.