DFIR v2.1.0
New Windows Event Analysis workshop announced, along with updates on Elastic, Sysmon, and Zimmerman tools usage in forensic investigations.
We are excited to introduce version 2.1.0 of our Windows and Active Directory Event Analysis Course Training Lab Guide and Slides!
This release includes a sneak peek into a brand-new hands-on workshop, plus updates to the existing training material:
- New Workshop: Windows Event Analysis
  Learn how to investigate attacks using only free tools. This upcoming workshop focuses on real-world event log analysis and forensic techniques.
- Tool Coverage:
  - Elastic Stack: How to collect and visualize Windows logs.
  - Sysmon: Configuration and tuning for threat detection.
  - Zimmerman Tools: Fast triage and event parsing with KAPE, EvtxECmd, and more.
- Incident Analysis Exercises: New labs using attack data to build detection and investigative skills.