DFIR Training Videos

These Digital Forensics and Incident Response (DFIR) training videos help security analysts, incident responders, and the cybersecurity community expose, isolate, investigate, and eliminate security incidents. Enjoy!

Digital Forensics and Incident Response (DFIR) Training Videos

DFIR Training (04/2020)

Remote Desktop Protocol Incidents

Remote Desktop's ubiquity makes it a target. Explore attack vectors. Host-level triage using different tools such as event logs, sysmon, and other types of EDR. End with a discussion on best practices for securing RDP.

DFIR Training (02/2020)

Maintaining Remote Access During Security Incident Response

Learn how to establish and maintain remote access to endpoints during cyber security incident response investigations. Explore GPOs and RMM tools, agentless triage via WMI, Powershell Remoting, and SSH.

DFIR Training (01/2020)

Artifact Triage in Security Incident Response Investigations

During this DFIR training, Chris focuses on artifact triage during incident response investigations. Reviewing shimcache, amcache, and process event logs, hunting for answers and patient zero.

DFIR Training (12/2019)

Detecting and Responding to Host-based Cyber Attacks

Join Infocyte co-founder and Chief Product Officer, Chris Gerritz, for a hands-on digital forensics and incident response (DFIR) training session covering detection, investigation, and response to host-based cyber attacks.