The basics of imaging forensic machines is not difficult to master. In this webcast, we will demonstrate how to image a laptop hard drive using Helix. In addition there are too many image file formats to keep track of. Learn how to convert the expert witness format (E01), raw (dd), and the Advanced Forensic Format (AFF) from one format to another simply and easily. Finally, we will show you some basic tricks on how to mount the images for analysis using the SANS Investigative Forensic Toolkit Workstation.

Acquisition and Handling Techniques of Computer Evidence Webcast

The past several years have seen a dramatic turn in the capabilities of incident response teams and forensic practitioners. In this webcast, Rob Lee will discuss the 7 new trends in IR and Computer Forensics that was polled from leaders in the forensic community. From e-Discovery to PI licensing, Rob will explain the major changes that have shaped a digital forensic analysts. These trends face computer forensic and incident response personnel for both law enforcement and corporate investigators

SANS Top 7 Trends in Incident Response and Computer Forensics Webcast

In this webcast, you'll learn about one of the new frontiers in digital forensics: mobile phone forensics. As cell phone popularity and capabilities increase, so does their frequency of use in crime, terrorist activities, and corporate misuse. Robert Spitler will discuss some of the issues facing mobile phone forensics as well as the tools and techniques currently in use today. For more information, Robert will be teaching Mobile Phone Forensics at SANS Network Security 2008 in Las Vegas, NV, starting September 29, 2008.

Mobile Phone Forensics Survival Webcast

Panelists will tell which incident response tools and techniques they regularly use, what worked and what didn't work, and they will share the lessons they learned.

Essential Incident Response Techniques Webcast

Introducing the top three must-have capabilities in your IR toolkit that were released in the past year. Learn how live memory collection and analysis is a game-changing tactic now utilized in effective Incident Response and Mitigation techniques. Find out what will replace the tried and true "sysinternals" tools and replace them with capabilities that are crippling rootkit technology. Learn how to analyze a discover a rootkit, analyze a windows hibernation file, recover an executable from memory, recover passwords from memory, and more.

Memory Analysis for Incident Responders and Forensic Analysts Webcast

Lenny Zeltser's popular malware analysis course has helped IT administrators, security professionals, and malware specialists fight malicious code in their organizations. In this free webcast, Lenny introduce the process of reverse-engineering malicious software. Lenny covers behavioral and code analysis phases, to make this topic accessible even to individuals with a limited exposure to programming concepts. You'll learn the fundamentals and associated tools to get started with malware analysis.

Introduction to Malware Analysis Webcast