In-Depth Corporate Cyber Investigations Bundle
This bundle of three courses, aimed at corporate cyber incident responders, covers Windows forensics, incident investigations, and maximizing DFIR results using YARA, Sigma, and Belkasoft X.

A free 30-day trial license for Belkasoft X is provided
Training materials included
Practical tasks
Certificates of completion and achievement
It can take up to 2 days to complete the course
This bundle includes three courses
Courses in bundle
For €1998* instead of €2997*
- Windows Forensics with Belkasoft: +8 Hours, 8 Sections, €999*
- Incident investigations with Belkasoft: +4 Hours, 5 Sections, €999*
- Maximizing DFIR Results with YARA, Sigma, and Belkasoft X: +8 Hours, 5 Sections, €999*
What you will learn
This course is tailored for digital forensics investigators who work with Windows computers. It provides an opportunity to enhance your knowledge and gain practical experience in identifying and analyzing Windows artifacts.
Topics covered
- How to review common Windows file systems, and which file system features might be useful in a DFIR investigation
- How to examine Windows applications, such as chats, browsers, and mail clients
- How to inspect media files and documents, and utilize media-specific analysis options, such as text recognition and keyframe extraction
- How to identify and analyze forensically important Windows system files, such as registry files, event logs, and LNK files
- How to get more evidence from a Windows data source by using carving, embedded data analysis, and other advanced forensic techniques
This course is designed for experienced DFIR professionals seeking to enhance their knowledge and gain practical experience in utilizing Belkasoft products to solve incident investigations in the Windows environment.
Topics covered
- How to hunt for the initial infection vector with Belkasoft and what tricks are usually used by hackers to penetrate a company's infrastructure
- How to uncover cyber threat actors' persistence mechanisms
- How to track potentially malicious files with evidence of execution
- How to use filtering, timeline and other techniques in order to narrow your search and conduct a successful incident investigation with Belkasoft X
This course is designed for cybersecurity specialists with prior experience in DFIR who wish to enhance their incident response capabilities by incorporating YARA and Sigma rules into their existing stack.
Topics covered
- What important information can be obtained from system event logs, LNK files, and other system files
- What Sigma and YARA rules are and how they can assist in your investigation
- How to interpret, construct, and tune Sigma rules
- How to read and write YARA rules and improve their efficiency
- How to use wildcards and regular expressions in rule creation
- How to apply Sigma and YARA rules in Belkasoft X
In-Depth Corporate Cyber Investigations Bundle
- Windows system file analysis (registry, event logs, LNK)
- Advanced Windows forensics (carving, embedded data)
- Initial attack vector identification
- Adversary persistence method detection
- Lateral movement technique analysis
- Sigma rule interpretation and tuning
- YARA rule creation and optimization
Important Notice
All courses are in English