The Hitchhiker’s Guide to Evidence Sources - SANS Webcast

Published on: 2019-03-04
Video Link: https://www.youtube.com/watch?v=toW8UDXAuwE



Duration: 52:51


More information about FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics: https://www.sans.org/FOR508

When conducting an investigation, knowing where to find the most valuable evidence across a corporate network can be difficult. Many organizations don't consider evidence before an incident occurs, which is especially true for smaller organizations or those that don't experience incidents very often.

So in most cases, we're limited to whatever evidence happens to be available; we collect the breadcrumbs we can find.

In this presentation, Nick will discuss the most valuable sources of evidence for several typical investigation types, so you can:

- Identify the value of specific evidence sources across your environment
- Know how forensic investigators use them to reconstruct a breach or other incident
- Start collecting these evidence sources to maximize your ability to investigate when an incident occurs

Presenter: Nick Klein






