Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response
Whether you handle an intrusion incident, data theft case, employee misuse scenario, or are engaged in proactive adversary discovery, the network often provides an unparalleled view of the incident. SANS FOR572 covers the tools, technology, and processes required to integrate network evidence sources into your investigations to provide better findings, and to get the job done faster.

Course Key Learnings

Extract files from network packet captures and proxy cache files, allowing follow-on malware analysis or definitive data loss determinations

Use historical NetFlow data to identify relevant past network occurrences, allowing accurate […]