The other day I realized the Incident Response Training Plan I created had some broken links. I also discovered that some of the platforms I had in the plan changed their free offerings. So, I went through the various platforms (RangeForce, CyberDefenders, TryHackMe, etc), and updated the plan. I also replaced a couple of courses with newer courses that came out. The plan is based on a combination of what I wish I knew before starting in Incident Response, and Ryan Chapman’s Implementing a Kick-Butt Training Program: BLUE TEAM GO! talk. Part One of the plan is geared toward people...
Did you miss @dfirjos's excellent blog piece on practical examples of using Velociraptor to monitor adversaries during an incident response? Catch it here:
Building your own lab is an excellent way to gain hands-on experience and grow your knowledge. It can be done for free and it's easy to construct labs to emulate and analyze various attacks.
Check out our free tutorials here: https://lnkd.in/djce4_qX
The first new publicly released episode of 2023 is now available. Check out this important video covering a new evidence of execution artifact introduced in Windows 11 22H2. https://www.youtube.com/watch?v=rV8aErDj06A #DFIR #forensics
Recent Comments