“Six Reasons You Don’t Want to Miss SANS DFIR Summit & Training 2019”

by bglennon on June 7, 2019

The annual SANS DFIR Summit & Training is just around the corner! If you have attended in the past, you already know that we throw everything we have into making this the most action-packed Digital Forensics and Incident Response (DFIR) event of the year. If you have not yet attended, this is the year to change that.

1. In-depth Summit presentations covering the latest DFIR solutions and research by leading experts in the field.

The two-day Summit will kick off with a keynote presentation by Troy Larson and Eric Zimmerman. Eric will explore the development and refinement process of EZ Tools and how KAPE can be used as the “glue” to tie things together. Troy will then provide real-world examples of how these tools can and have been used for forensics at scale.

In addition to in-depth presentations, a team from Google will lead attendees through an incident response war game. This exercise will take participants through a simulated major incident. The goal is to help you better understand the incident response process and the constraints and needs that may arise during a large-scale incident. The war game will stress-test communications skills, legal challenges, public relations, complex trade-offs in completeness vs. response speed, and rapid triage/forensics skills.

All DFIR Summit speakers are industry experts who practice digital forensics, incident response, and threat hunting in their daily work. The Summit Advisory Board evaluates talk proposals to ensure that the Summit agenda delivers actionable content that meets the needs of the community. But don’t take our word for it — have a sneak peek and check out some of the past DFIR Summit talks.

Sponsorships Available

2. Every SANS course in our DFIR arsenal is offered following the Summit.

Here are the courses you can choose from:

FOR500: Windows Forensic Analysis

FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics

FOR518: Mac and iOS Forensic Analysis and Incident Response

FOR526: Advanced Memory Forensics & Threat Detection

FOR572: Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response

FOR578: Cyber Threat Intelligence

FOR585: Smartphone Forensic Analysis In-Depth

FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques

FOR498: Battlefield Forensics and Data Acquisition BETA!

SEC573: Automating Information Security with Python

3. One-of-a-kind networking events

Rub elbows and network with fellow DFIR professionals at evening events, including networking sessions and social events. On the first night of the Summit, we’ll head over to one of Austin’s newest entertainment venues, SPiN Ping Pong Bar. Later in the week, you’ll have a chance to give your overloaded brain a break at our DFIR Community Night. Everyone will assemble at a local Austin establishment on Monday, July 29. Food and drinks are on us!

4. DFIR NetWars — The Coin Slayer

Prove you’ve mastered the DFIR arts by playing in the DFIR NetWars – Coin Slayer Tournament. Back by popular demand, this tournament will give you the chance to leave Austin with a motherlode of DFIR coinage! To win course coins, you must answer all questions correctly from all four levels of one or more of the six DFIR Domains: Windows Forensics & Incident Response, Smartphone Analysis, Mac Forensics, Memory Forensics, Advanced Network Forensics, and Malware Analysis.

5. Technical evening talks by SANS Instructors and subject matter experts

Attend SANS@Night talks to enhance your training experience. Following the first day of class, David Cowen’s talk will cover the current state of Windows forensics and provide an overview of his new research to help you get up to speed. Later in the week, Mark Baggett will give a talk on the sinister side of Python. Learn about Python’s history of vulnerabilities and quirks that make attackers do their happy dance!

6. Help “Keep Austin Weird”

Who doesn’t want to go to Austin?!? The city’s unofficial slogan, “Keep Austin Weird,” promotes a culture of individuality, expressionism, art, and atypical leisure activities. Over the years, we have had no problem contributing to the “Keep Austin Weird” culture!

Austin has amazing food everywhere and there’s no place like it when it comes to having a great time. The nightlife and music include the famous 6th Street ? which, by the way, is just walking distance from the Summit venue. There are many other landmarks, such as Red River, the Warehouse District, Downtown, and the Market District. You will find entertainment of all kinds no matter what you’re up for. Nothing wrong with some well-deserved play after days full of DFIR training, lectures, and networking!