We are very excited that, for the first time, we are hosting an in-person, public offering of our popular Malware and Memory Forensics Training focused solely on Volatility 3! This training takes place October 22–25, 2024, in Arlington, VA.
Volatility 3 was designed from the ground up to meet the needs of modern investigations, including features that support automation, reporting, filtering, and integration with other analysis and correlation engines, as well as many brand-new plugins that automatically pinpoint modern malware and attacker toolkits. Students who attend this course will be the first to learn about its internals, unique features, and best methods for integration into real-world DFIR workflows – all from members of the core development team.
Besides learning Volatility 3 from our team, students will also have access to a vastly updated and expanded set of course materials, including all new lecture sections and labs. Students often rate our labs as the best they have encountered during training courses, as our labs directly mimic malicious techniques we see used in the wild. The accompanying lab guide fully walks students through the lab, including helpful notes and screenshots.
And of course, we ensure students receive more than enough swag to make coworkers jealous!
To register for this in-person training, join the waitlist to request an invite!
Students who register for the training will also receive a complimentary pass to our From the Source event that takes place the day before the course, on October 21!
From the Source is a two-track, one-day conference that will have talks covering memory forensics, threat intelligence, malware analysis, and other topics focused on modern threats. Speakers will include developers of your favorite open-source tools, as well as the digital investigators who discovered some of the biggest intrusions of the past year.
If you would like a sneak peek at just some recent research that has been incorporated into the new training course, watch Andrew Case’s recent presentation at BSidesPhilly on detecting modern (Win10+) credential dumping attacks:
and his presentation at BSidesCharm on detecting modern rootkits:
If you would like to discuss these events with us in person, many members of our team will be around during Black Hat USA, and Andrew Case will be delivering a talk at DEFCON on one of our latest research projects. If you’d like to meet up with us, please reach out!
We are looking forward to seeing many of our community members at these events, and, as always, we are very grateful for your continued support of the Volatility project.
— The Volatility Team