Training
Featured CourseView All Courses
Get a free hour of SANS training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
Cloud Security Training
Can't find what you are looking for?

Let us help.

Contact us
Resources
SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

CISO Network

Engage, challenge, and network with fellow CISOs in this exclusive community of security leaders

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations
Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk with an expert
Talk with an expert

A Visual Summary of SANS DFIR Summit 2023

Check out these graphic recordings created in real-time throughout the event for SANS DFIR Summit 2023

Authored byAlison Kim
Alison Kim

On August 3-4, attendees joined us in-person in Austin or tuned in Live Online for the SANS DFIR Summit 2023!

We invited Ashton Rodenhiser of Mind's Eye Creative to create graphic recordings of our Summit presentations. If you missed a talk or are looking to view the Summit through a visual lens, take a look at the recordings below.

*If you registered for the Summit, video recordings are available on your Summit Access page in your SANS Portal.

Digital Forensics: The Foundation of All Cyber Investigations

https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltc854c4b13fdaaec6/64cbc779bfb67127ed6bf204/01_SansDFIR_Tarbell_(1).jpg

Once More unto the Data-Breach: Navigating Investigations of Unconventional Data Sources

David Sigmundson, Associate Managing Director, Kroll Anthony Woodburn, Senior Associate, Kroll

https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltc50536f5a3eaa9f8/64cbd6991072f029863f13eb/02_SansDFIR_Ackerman_Sigmundson_Woodburn.jpg

Leveraging Digital Footprints for Darkweb Investigations and Attack Surface Management

https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt3b06025179a58e9a/64cbe32a1d183c5e26d1d9d5/03_SansDFIR_Srivastava.jpg

Picture Perfect: The Power of Attack Path Diagrams in DFIR Investigations

Brad Slaybaugh, Incident Response Lead, Mandiant

https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltc63836318c21cdf9/64cbe32a5aa627f8c5c2a706/04_SansDFIR_Pany_Slaybaugh.jpg

Fast Forensics and Threat Hunting with Yamato Security Tools

https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltae1119fb12caffd0/64cbfaa5b1a0db5163d335b6/05_SansDFIR_Mathis_(1).jpg

EKS Incident Response and Forensic Analysis

https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltbcd6f22b64c91b9a/64cc09cf2b0596c549c7e1ec/06_SansDFIR_Poling.jpg

A New Perspective on Resource-Level Cloud Forensics

https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt91f8bd9a1fe964db/64cc0896369276ecb9af7295/07_SansDFIR_Doman.jpg

Incident Analysis Case Study Focusing on .NET malware

https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltdc98c132260db4b6/64cc260f1072f0c5d23f153b/08_SansDFIR_Murakami_(1).jpg

I Want The Log I Can't Have

https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt81fec9c03d97db03/64cc260f674e98615848ede7/09_SansDFIR_Stoner.jpg

Beyond the Basics: Microsoft 365 Attacks We Didn't See Coming

https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt266bdfd120f48d1c/64ccf409b376edf168efc65d/10_SansDFIR_Ailes_Paluch.jpg

Keynote | Bridging the Gap: Integrating Digital Forensics with Open Source Intelligence

https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blta14a9e14dc55a393/64cd1e5f70c326b76c787e53/11_SansDFIR_Edmondson_(1).jpg

2 Meta 2 Oculus

Brian Moran, CTO, BriMor Labs

https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt80e5427a586b1bd7/64cd1e9ec5b4bea15ca6eaa9/12_SansDFIR_Gauthier_Moran.jpg

Forensic Investigation of Email Client Tool Marks

https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt348b6bce5c25745a/64cd291e674e98821348f1c9/13_SansDFIR_Gungor.jpg

What Can DFIQ Do For You?

Jon Brown,Technical Program Manager, Google

https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt5235a9fd91919b88/64cd2f6b1072f088183f192f/14_SansDFIR_Benson_Brown_(1).jpg

Special Delivery: Defending and Investigating Advanced Intrusions on Secure Email Gateways

https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltcf2bb03f47280f95/64cd3ea738c04d7bf8aec957/15_SansDFIR_Tomlinson_Zaveri.jpg

The Truth About USB "Serial Numbers" – Redux

https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt27e4436a245b5d5a/64cd58183707d80069a221a0/16_SansDFIR_Ripa.jpg

Windows Search Index: The Forensic Artifact You've Been Searching For

https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt5c30613c9ba0c569/64cd581eb1fb31550714a9d0/17_SansDFIR_Kulkarni_Paluch.jpg

Direct Handling of AWS Snapshots: Reading Files in a Snap!

https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltd6c0619956f5691a/64cd5d9a1d183c051cd1dfed/18_SansDFIR_Seyer_(3).jpg

Differential File System Analysis for the Quick Win

https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltdc56198f7129db03/64cd6beb3692764e70af7850/19_SansDFIR_Hartman.jpg

If you'd like to check out our other upcoming Summits, you can view the latest listing here.

Meet the expert

A Visual Summary of SANS DFIR Summit 2023