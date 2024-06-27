In 2023, more than one-fifth of cyberattacks persisted for over a month, prompting businesses to stress the need for shorter “detection-to-resolution” times. One of the challenges that hinders swift, and efficient incident management is ongoing skills shortage. To address this issue, Kaspersky has developed a training course that covers one of the important parts of incident response process, helping professionals gain the necessary skills.

The ‘Windows Digital Forensics’ course is designed to provide trainees with a fundamental understanding of digital forensics, offering them valuable insights and hands-on experience. The ability to detect digital traces of an attack’s development is one of the most valuable skills for cybersecurity professionals, as attacks can occur even if all prevention measures are in place.

In this course participants will learn the methods of obtaining diverse digital evidence, find traces of malicious actions and use timestamps from various Windows artifacts to reconstruct an incident scenario. They will also gain expertise in analysing browser and email histories. By the end of the course, trainees will be proficient in incident scoping, evidence acquisition, log file analysis, network analysis, creation of Indicators of Compromise (IoCs), and memory forensics.

The training program was developed by Ayman Shaaban, Digital Forensics and Incident Response Group Manager at Kaspersky, bringing extensive expertise in cybersecurity gained over many years. In addition to gaining extensive knowledge in digital forensics from the Kaspersky expert, participants will be able to apply their newly-acquired knowledge in a virtual lab. This secure virtual environment was designed specifically to assess the participant’s level of understanding and enhance their practical skills.

This training is part of a series of courses focused on incident response, allowing specialists to tailor their educational path in this field. It will be equally beneficial for companies aiming at enhancing their incident response teams and individual cybersecurity professionals who are looking to upgrade their technical analysis skills in digital forensics.

“To achieve cyber-resilience, organisations must be prepared for incidents by managing logs centrally, retaining them for extended periods, and safeguarding them against tampering, malicious access, or accidental loss. They also need the ability to conduct forensic investigations promptly when necessary. During this training course, you will get acquainting with digital forensics as an important part of the incident response process and will be equipped with useful knowledge that help you to swiftly handle, contain, understand and recover from cyber-attacks and effectively minimise their impact in the quickest way possible”, comments Ayman Shaaban.