DFIR Related Events for Beginners – August, 2020

A list of Digital Forensics and Incident Response related events and training that may be of interest to students/beginners for the month of August. All events listed are virtual.

August 4th: Panoply (Free for Black Hat attendees) “Panoply is an network assessment/defense competition combined into a single event.” You can register HERE.

August 5th: Susteen’s Digital Forensics Industry Day (Free) “Sign up for individual sessions, multiple sessions or an entire session track! Attendees will earn challenge pins for each session attended.” You can register here: https://datapilot.com/digital-forensic-industry-day/

August 5th and 6th: Black Hat (The Business Pass is Free). A Business Pass grants you access to the Business Hall and additional Features, including Arsenal, Sponsored Sessions, and Sponsored Workshops. Go here to register: https://www.blackhat.com/us-20/registration.html

August 6th: Cryptography Workshop (Free) “In this one-day workshop, you’ll learn the basics of cryptography, a core cyber skillset.” You can register HERE.

August 6th – 7th: Virtual Cyber Defense NetWars Tournament (Available to the first 1,000 students that have taken a SANS course from March 1, 2020 to the present). There is also a free SANS Community CTF August 13th – 14th. Go HERE for more information

August 6-9th: DEF CON Safe Mode (Free): “DEF CON official presentations will be pre-recorded, each full day of talks will be pre-released online at midnight PDT (GMT-7), as a torrent on media.defcon.org and on our official YouTube. The following schedule includes special live streamed Q&A sessions for each talk, as well as additional fireside lounges and panels. These sessions will be streamed on Twitch at https://www.twitch.tv/defconorg.” Go here to see the schedule: https://defcon.org/html/defcon-safemode/dc-safemode-schedule.html

DEF CON Blue Team Village: You can see the schedule HERE. Also, follow them on Twitter and join the Blue Team Village Discord server. In addition to DFIR related channels in the Blue Team Village Discord server, they also have a “Meet-a-Mentor” channel.

DEF CON Blue Team Village Training Workshops (Free): You can register HERE.

There is also a Career Hacking Village. Subscribe to their YouTube Channel to see the Career Hacking talks and follow them on Twitter.

August 6-9th: OpenSOC Blue Team CTF @ DEFCON 28 “Blue Team CTF is a Digital Forensics, Incident Response (DFIR), and Threat Hunting challenge meant to teach and test practical incident response skills in an environment that closely resembles a real enterprise network.” For more information and to register, go HERE.

August 8th: Trace Labs Global OSINT Search Party CTF – DEFCON 28 Safe Mode Edition ($20). Contestants of all skill levels encouraged to participate! Use your OSINT skills to help find real missing people. You can register HERE.

They also have a CTF Contestant Guide here: http://download.tracelabs.org/Trace-Labs-OSINT-Search-Party-CTF-Contestant-Guide_v1.pdf

August 10th – 14th: Tactical Edge Virtual Summit (Free) “The Tactical Edge event covers a multitude of important cybersecurity topics, from the importance of awareness to privacy to third party risk to adversarial emulation.” Includes talks on Threats and OSINT. Go here for more information and to register: https://tacticaledge.co/en/index.html

August 11th: All Clearance or Cyber Virtual Job Fair – San Antonio “Meet virtually with leading cleared and cyber security employers.” Job openings include DFIR jobs. They are also offering free resume reviews. You can register HERE.

August 13th, 30th, 27th: Free Python Fundamentals E-Learning Workshop “This is a Python for absolute beginners free online workshop” You can register HERE

August 18th: Incident Handling & Threat Hunting w/ Security Onion (Free) “We will discuss how to use a free and open-source tool like Security Onion (SO) to provide hands-on experience and increase our knowledge in incident response and threat hunting. This event is for those with minimal experience working with detection alerts, pcap files, and log management.” You can register here: https://www.meetup.com/DCCyberWarriors/events/272188443/

August 19th – 24th: Cybereason Summer CTF Challenges range from beginner to advanced. It includes DFIR related challenges. You can register HERE.

August 20th: Becoming the Adversary: Creating a Defensive Lab to Understand the Offense (Free Webcast). You can register HERE

“Tyrone E. Wilson will share how you can start setting up your defensive lab, no matter what your experience level is. Once you have a lab, you don’t have to wait for adversaries to come after you – Tyrone will share ways you can mimic adversaries and then analyze your system to find your activity.”

August 20th: UniCon “a free conference for the entire purple team: security researchers, developers, red teamers, blue teamers, and digital forensics and incident responders” It also includes a malware analysis CTF. Go here for more information and to register:  https://www.scythe.io/unicon2020

August 21st – 22nd: The Diana Initiative 2020 ($5) This event includes a Career Village and a CTF with forensics, OSINT and malware analysis challenges. You can register here: https://www.dianainitiative.org/2020-event/

August 21st: BSides Columbus ($25). Includes talks related to Incident Response and Threat Hunting. For more information and to register, go here: https://www.bsidescolumbus.com/

August 22nd: SANS OSINT Search Party CTF **This CTF is only open to those who have taken a SANS course and seats are limited.** Go HERE for more information: https://www.sans.org/osint-search-party-ctf

August 29th: Live Resume Workshop for Cybersecurity Professionals ($19.99) “This session will focus on sharing actionable feedback on your resume so you can ace the interview.” You can register HERE.

Ongoing Events, Training & Blue Team CTFs

Hack Summer: Saturdays 10am Pacific on YouTube. Go here for more information: https://theforeverstudent.com/introducing-hacksummer-33a00e78948d

DFIR Python Study Group: Tuesdays and Thursdays at 12 PM EST The book being used is: Head First Python, 2nd Edition. Click on the Tweet below for all the links.

Magnet Forensics Cache Up: Tuesdays at 11:00AM ET “Cache Up is an interview style show where I will get to speak with some people doing incredible work in forensics and get to know their work and them better.” Go here for more information: https://www.magnetforensics.com/cache-up

Life has no Ctrl + Alt + Delete. “Need to escape isolation and collaborate? Monday, Wednesday and Friday from 12:30PM to 1PM EST, join Heather Mahalik, Cellebrite’s Sr. Director of Digital Intelligence, with guest speakers for live Meetups.” For more information, go here: https://www.cellebrite.com/en/life-has-no-ctrlaltdelete/

Forensic Lunch David Cowen hosts the Forensic Lunch Test Kitchen, a live technical show on YouTube where you can learn about different forensic tools. Subscribe to his YouTube channel Learn Forensics With David Cowen.

Forensic Happy Hour: Fridays at 5pm ET on the Mobile Forensic Investigations YouTube Channel

SANS Mic Talks There are several free SANS Mic Talks this month including “Remote Forensic Investigations in the Context of COVID-19”, “Leveraging Telegram for OSINT Purposes” and “Find_Evil – Threat Hunting”. The schedule can be found here: https://www.sans.org/blog/sans-mic-schedule/

Mondays: #CyberMentoringMonday on Twitter (Created by Tanya Janca) Use the hashtag to ask questions or to find a mentor on a specific topic.

If you have questions for the Infosec Twitter community on other days, use the hashtag #AskInfosec

Champlain College CTF: https://champdfa-ccsc-sp20.ctfd.io/

The Splunk Boss of the SOC Blue Team CTF is open for anyone to play. You can register here: https://cyberdefenders.org/accounts/signup/

Corelight CTF: There are game dates available August 18th and 20th. You can register here: https://www3.corelight.com/l/420832/2020-03-31/lcxk2q

NW3C CTF: You can register here https://nw3.ctfd.io/

Pentester Academy has free CTF exercises that include network forensics and reverse engineering. The challenges go from beginner to advanced. You can register here: https://www.ctf.live/

Malware-Traffic-Analysis.net has Traffic Analysis Exercises each month as well as tutorials.

DFIR Social Media

Twitter: Look for the #DFIR hashtag. For people to follow, check out the Women of DFIR and the Men of DFIR.

Facebook: I listed some helpful Facebook groups here: https://dfirdiva.com/facebook-groups

Digital Forensics Discord Server A Beginner’s Guide to the Digital Forensics Discord Server has information on how to join. I cannot recommend this Discord Server enough. It’s a great community.

Cyber Social Hub “A place for Cybersecurity, DFIR, OSINT, Legal, and Technology Investigation Professionals to Connect and Collaborate”.

As always, there’s a list of regularly updated Free Training.