Kaspersky has recently announced the addition of a new online course on Windows digital forensics to its Expert Training portfolio. The course, developed by Ayman Shaaban, aims to equip InfoSec professionals with comprehensive skills in identifying, processing, and analysing digital evidence.
In 2023, more than one-fifth of cyberattacks persisted for over a month, underscoring the importance of reducing detection-to-resolution times for businesses. One of the key challenges in swift incident management is the skills shortage in cybersecurity. Kaspersky’s new training course seeks to address this issue by enhancing professionals’ abilities to detect digital traces of cyberattacks, a crucial aspect of incident response.
Comprehensive Training in Digital Forensics
The Windows Digital Forensics course provides participants with a fundamental understanding of digital forensics, including methods for obtaining various types of digital evidence, identifying traces of malicious actions, and reconstructing incident scenarios using timestamps from Windows artefacts. Additionally, participants will gain expertise in analysing browser and email histories.
By the end of the course, trainees are expected to be proficient in:
- Incident scoping
- Evidence acquisition
- Log file analysis
- Network analysis
- Creation of Indicators of Compromise (IoCs)
- Memory forensics
Ayman Shaaban emphasizes the importance of digital forensics in the incident response process, stating, “During this training course, you will get acquainted with digital forensics as an important part of the incident response process and will be equipped with useful knowledge that help you to swiftly handle, contain, understand, and recover from cyber-attacks and effectively minimise their impact in the quickest way possible.”
Hands-On Learning Experience
The program includes a secure virtual lab to assess participants’ understanding and enhance their practical skills. This virtual environment allows trainees to apply their knowledge in a controlled, risk-free setting. The course is beneficial for companies looking to enhance their incident response teams and individual cybersecurity professionals seeking to upgrade their technical analysis skills in digital forensics.
Organisations must be prepared for incidents by centrally managing logs, retaining them for extended periods, and safeguarding them against tampering, malicious access, or accidental loss. Kaspersky’s course aims to equip participants with the skills and knowledge required for these critical tasks.
The Windows digital forensics training is part of a broader series of courses focused on incident response, allowing specialists to tailor their educational paths in this field. By enhancing their skills in digital forensics, participants can help organisations achieve greater cyber-resilience, swiftly mitigate the impact of attacks, and improve their overall incident management capabilities.