Training
Featured CourseView All Courses
Get a free hour of SANS training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
Cloud Security Training
Can't find what you are looking for?

Let us help.

Contact us
Resources
SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

CISO Network

Engage, challenge, and network with fellow CISOs in this exclusive community of security leaders

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations
Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk with an expert
Talk with an expert

Thank you for joining the DFIR Summit 2020! Here is our present for you!

Take advantage of all the free resources SANS DFIR has available for you!

Authored byViviana Ross

1300x240_Email_DFIR-Summit-2.jpg

We are thrilled that you joined us at the SANS DFIR Summit!  Here are some of the top resources you can use immediately to not only grow your skills, but also connect with the DFIR Community and get a tip or two from your peers: DFIR Resources

DFIR Tools

  • SIFT® - A digital forensics and incident response-based Linux distribution bundling most open-source DFIR tools available.
  • REMnux® - A free Linux toolkit for assisting malware analysts with reverse-engineering malicious software.
  • EZTools - Cutting-edge open-source windows based digital forensics tool suite for scalable, scriptable, fast forensics.
  • SOF-ELK® - "Big data analytics" platform composed of Elastic stack, logstash, Kibana (ELK) to make large scale analysis easier.
  • APOLLO - Apple Pattern of Life Lazy Output'er (APOLLO) extracts and correlates usage data from Apple devices.
  • KAPE - Rapid Triage Forensic Artifact Acquisition and Processing Tool.
  • Hunting Maturity Model - Threat Hunting Evaluation Model.

DFIR Community Programs and Lists

Free Training

  • Test Drive SANS DFIR Courses - If you are new to SANS or unsure of the subject area or skill level to select for your next DFIR training course, SANS offers free one-hour course previews via our OnDemand platform.
  • Tech Tuesday Workshops - Hands-on virtual environments that give you the opportunity to dive into course material.
  • For more resources and for over 150 free tools from our faculty, visit www.sans.org/free.

Too much content and don't not know where to start? Read this blog that has a compilation of the most popular SANS DFIR resources!

Retake Courses at 50% SANS DFIR courses go through major updates several times per year and knowing that some of you are part of the alumni family, we’d like to invite you to retake a course for 50% off at the DFIR Summit. *Please note the 50% retake is offered for all SANS modalities. Here is how to register:

  • Login to your SANS account with the email address you previously used to attend the course.
  • Select which modality/event you want to re-take the course (Live Online or OnDemand).
  • Register and enter “alumni” in the reg code box under payment If your portal account email address has changed since you took the last course, please reach out to registration@sans.org with the information you have on the previous course.

We look forward to seeing you at DFIR Summit and follow us on Twitter @sansforensics for the most up-to-date information.

Meet the expert

Viviana Ross

Viviana has over 15 years in the Digital Forensics and Incident Response (DFIR) industry and started her career as a Director of Marketing at some of the top digital forensic hardware acquisition and evidence analysis companies.

Read more about Viviana Ross
Thank you for joining the DFIR Summit 2020! Here is our present for you | SANS