Training

Capacity building guide in digital forensics and incident response

Recommended Courses

Main training options available

🔍

Digital Forensics Fundamentals

Fundamental concepts of digital forensics, including methodologies, basic tools and procedures for acquisition and analysis of digital evidence.

Topics covered:

  • Introduction to digital forensics
  • Chain of custody
  • Evidence acquisition
  • File system analysis
  • Basic forensic tools
🛡️

Incident Response

Techniques for detection, containment and eradication of advanced threats in corporate environments.

Topics covered:

  • Intrusion detection
  • Malware analysis
  • Threat hunting
  • Containment and eradication
  • Documentation and reporting
📱

Mobile Device Forensics

Techniques and tools for extraction and analysis of data from smartphones and tablets, including iOS and Android.

Topics covered:

  • Mobile device architecture
  • Extraction methods (physical, logical, file system)
  • Application analysis
  • Deleted data recovery
  • Specialized tools

Advanced Courses

🔍

FOR508: Advanced Digital Forensics, Incident Response, and Threat Hunting

Certification: GCFA (GIAC Certified Forensic Analyst)

Skills to identify, bypass and recover from threats in networks, including APTs and advanced malware.

Topics covered:

  • Collection and analysis of memory artifacts
  • Timeline analysis
  • Super timeline analysis
  • Malware and backdoor detection
  • Threat hunting
🛡️

SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling

Certification: GCIH (GIAC Certified Incident Handler)

Tools and techniques used by hackers and best practices for incident response.

Topics covered:

  • Incident response methodology
  • Reconnaissance and exploitation techniques
  • Vulnerability analysis
  • Threat containment and eradication
  • Documentation and lessons learned

Certifications

Main certifications in the DFIR area

GCFA - GIAC Certified Forensic Analyst

Certification in forensic analysis, incident response and threat hunting.

GCIH - GIAC Certified Incident Handler

Certification in security incident response.

CCFE - Certified Computer Forensics Examiner

Certification in methodologies and techniques for forensic examination of digital devices.
