- Security Assessment
- Red Teaming
- Compliance Audit
- Pre-IR Assessment
- Compromise Assessment
- Cyber Education
- GIB Crypto
There is a growing demand among companies all over the world to understand how security incidents occur so that they can prevent them from harming their businesses. With malicious activity showing no signs of slowing down in neither volume nor frequency, it is now more imperative than ever to investigate incidents properly. Otherwise, organizations risk becoming repeat victims of compromise, and suffering financial and reputational losses.
Digital forensics is key to uncovering and unraveling cybercriminal activity. Specialists in the field are like cyber detectives collecting and analyzing digital evidence to figure out threat actors’ movements.
Group-IB’s Digital Forensics Analyst: Basic course is an all-in-one guide to the fundamentals of the field. In just three days, you’ll learn about best practices and the current threat landscape, and be given the tools you need to start your detective work.
The course is broken up into three days, during which you’ll learn the basics of the digital forensics and investigation processes, including the tools to ensure success.
Although there is a schedule, the structure of each class is not set in stone. The goal of each Group-IB course is not only to teach you about the latest cybersecurity methods but also to provide a space where experts can network. As such, you are encouraged to engage with the instructor and other participants, thereby making the most of the experience.
Digital Forensics Analyst starts with the digital forensics process. The lesson will begin with how to perform initial data collection and where to look for the best sources of evidence. We’ll then dive deeper into the investigation process by going over best practices as regards properly collecting and documenting digital evidence as well as common mistakes made during the entire process.
You’ll be given links and access to fundamental tools used during digital forensics investigations and shown how to use them. You are free to share all the tools with your team and apply them immediately in your day-to-day operations.
We’ll continue our discussion on forensic investigations with the topic of Windows-based systems. By the end of the day, you’ll have acquired a basic understanding of Windows artifacts, how to process and analyze data, and how to extract useful data from memory dumps.
Most of the day will be spent on putting your knowledge to the test. Instructors will demonstrate how to prepare sources and collect digital evidence, after which you’ll attempt to do the same on your own.
On the last day, you will work independently. You will be given several forensics images, which you will analyze and process artifacts from. There will be two sets of questions — basic and advanced — that you’ll need to answer for each image. The test will end with a discussion of results and findings and a demonstration of the proper techniques and best practices.
Since the core of digital forensics lies in understanding threat actors, we’ll spend a significant part of the day on familiarizing ourselves with the current state of cybersecurity and its most recent trends.
To successfully pass the course you will need a basic IT/IS background.
Lecture videos and practical materials used during training
A poster describing the basic artifacts and their processing tools
Personal certificate of completion
Valuable information that you can put into practice
Additional requirements will be sent by email before the start of the course.
All course materials will be shared through Google Drive. If you do not have a Gmail account, our instructor will help you set one up before the course begins.
Our training courses are based on 1200+ successful investigations worldwide.
All courses are led by GCFA-, EnCE- and MCFE-certified experts.
The course instructors are current Group-IB specialists, which translates to the most up-to-date and first-hand information for course participants.
Practical exercises based on real-life cases make up 70% of the course.
Course materials are regularly updated with new cases from Group-IB’s experience, which ensures that the course program always reflects the latest trends.
Group-IB’s training courses provide a wide range of competencies for creating an effective information security department in any company.