Incident Response

Detect, contain, and recover from security incidents using SIEM and forensics.

intermediate 🔐 Cybersecurity

0%

Confidence · no data yet

Sign in to track

After this skill you can…

Build an incident response playbook
Analyse logs in Splunk or Elastic SIEM
Perform memory and disk forensics on a compromised system

Prerequisites

Security Basics

Learn this skill (10 videos)

A Practical Intro to Digital Forensics

The Cyber Mentor · beginner

The hunt for America's most wanted computer scientist...

Fireship · beginner

Mozi Malware - Finding Breadcrumbs...

John Hammond · intermediate

Recovering a "Twirled" Image | KringleCon 3 - SANS Holiday Hack Challenge 2020

John Hammond · intermediate

Project Helix Walkthrough: Blue Team CTF

TCM Security · intermediate

RECOVERING FILES with Autopsy (PicoCTF 2022 #47 'operation-oni')

John Hammond · beginner

Intro to Sleuthkit for Forensics (PicoCTF #39 'sleuthkit-apprentice')

John Hammond · beginner

SANS Share Your Story: How SEC401 Builds Your Security Foundation with Genie-Rose Luluquisin

SANS Institute · beginner

Inside Digital Forensics: Hunting for Truth in the Dark with Heather Barnhart

SANS Institute · advanced

From the SANS Cyber Leaders Podcast: Fighting Back with John Hubbard

SANS Institute · intermediate