Enterprise Forensics and Response

Enterprise Forensics and Response w/ Gerard Johansen

Course Length: 16 Hours
Tuition: $575 per person

Includes: Twelve months of complimentary access to the Antisyphon Cyber Range, certificate of participation, six months access to class recordings.

This Antisyphon Training Course is available as a Live Online presentation.

This page is for the Live version of this course. See below for any trainings currently scheduled. If there are no training sessions scheduled at this time, there may be an On-Demand version available.

If you are interested in arranging a private training for your organization, contact us to set up a call!


Course Description

The Enterprise Forensics and Response course is designed to provide students with both an investigative construct and techniques that allow them to scale incident response activities in an enterprise environment. The lecture portion of the coursework focuses on understanding the incident investigation process, objective-oriented analysis and response, intrusion analysis, and an exploration of attacker Tactics and Techniques.

The technical portion of the course will focus on how to conduct incident investigations at enterprise scale using the remote evidence acquisition and analysis tool Velociraptor along with other free and open-source tools. The focus of the technical portion will be on extracting usable Indicators of Compromise (IOCs) related to specific MITRE ATT&CK tactics. For example, students will be instructed on extracting and analyzing evidence related to the Execution tactic (TA0002), such as the execution of malicious code or LOLBAS. From here, they will be tasked with addressing containment and eradication measures.

This course combines technical elements with lecture to provide students with both an investigative construct and techniques that allow them to analyze evidence and provide stakeholders with the data necessary to limit the damage of modern cyber-attacks.


Trainer & Author

Gerard Johansen

Gerard Johansen is an information security professional with over a decade of experience in Incident Response, Digital Forensics and Threat Intelligence. During his various roles over the last decade, he has been an author and trainer, developing interactive cyber range exercises for security professionals. Additionally, Gerard has been involved in assisting organizations with cyber security incidents both as a consultant and IR lead. Gerard is currently a Principal Incident Handler with a Managed Detection and Response provider, where he is working on the development of readiness solutions to prepare organizations for modern threats.

Gerard is also a frequent contributor to professional conferences and the overall information security community. He has spoken at various conferences held by BSides, SANS and other community-based groups. Further, he has recently completed the third edition of Digital Forensics and Incident Response, published by Packt.


If no live trainings appear below, please visit our Live Training Calendar for other classes that may interest you.

Copyright © 2023 Antisyphon
