Malware and Memory Forensics Training

This training course is designed to prepare you for practical situations involving real adversaries and serious risks. You will not only learn how to detect and thoroughly investigate frequently used attacker techniques, but you’ll learn about the more covert ones that most analysts don’t even know about. You’ll execute these investigations using cutting-edge software that the instructors have developed for exactly these types of situations. 

Volatile memory contains valuable information about the runtime state of the system, provides the ability to link artifacts from traditional forensic analysis (network, file system, registry), and provides the ability to ascertain investigative leads that have been unbeknownst to most analysts. Malicious adversaries have been leveraging this knowledge disparity to undermine many aspects of the digital investigation process with such things as anti-forensics techniques, memory resident malware, kernel rootkits, and encryption (file systems, network traffic, etc.).

The only way to turn-the-tables and defeat a creative digital human adversary is through talented analysts.