RESERVE MY SPOT

In 2009, after his BSc in communication and electronics, Ayman finished his cyber security education at Information Technology Institute (ITI), Intake 29, Egypt. His career as digital forensics engineer with the National Telecommunication Regulatory Authority in the Egyptian Computer Emergency Response Team division, EG-CERT, followed shortly after in the same year. In 2014 he started at Kaspersky Lab and moved up to a Senior Security Researcher in the Global Emergency Response Team, R+D. He has published several times, from a book he co-authored “Practical Windows Forensics” to articles such as “Mobile Phone Forensics”.

This course will fully introduce attendees to incident response and digital forensics. The hands-on, practice-oriented format of this course will allow students to obtain the required skills to conduct the cycle of detection, response and analysis of compromised systems, in both live and postmortem situations, with best practices to discover different cyber attacks.

We will start by discussing the principles of incident response and digital forensics processes and move on to learning about the approaches that are used to conduct evidence collection and analysis. We will study various tools to perform evidence collection and live analysis, and go through different techniques to analyse volatile and nonvolatile data. We also will talk about data recovery and learn how to use multiple tools to perform registry and system logs analysis.
Next, we will be taught how to build a timeline of all operating system activities and how to analyse browsers artifacts and e-mails clients, then go on to extract data from a computer’s memory and investigate network traffic.

SKILLS:

Computer Forensics

Network Forensics

Incident Handling

Cybercrime

Python

DATE: 9 – 27 Apr, 2018

DURATION: 3 Weeks

LECTURES: 3 Hours per day

LANGUAGE: English

LOCATION: Barcelona, Harbour.Space Campus

COURSE TYPE: Offline

Session 1

Incident Response foundations

Basic terms and definitions of IR. Nature of cyber attacks. Used cases.

WHAT YOU WILL LEARN
COURSE OUTLINE
ABOUT KONSTANTIN
BIBLIOGRAPHY
HARBOUR.SPACE 

Session 2

Incident Response foundations

Lifecycle of cyber incident. IR process.
Preparation to IR.

Session 3

Incident Detection and Initial Response

Monitoring and initial analysis of suspicious alerts. Verification and assessment of incidents. Basic indicators of compromise

INCIDENT RESPONSE &
DIGITAL FORENSICS

In a world where cyber attacks are discovered every day, skills such as responding to security incidents, conducting initial live analysis of compromised computer to detect threats, collecting digital evidences in forensically sound environment and analysing collected evidences to uncover the attack scenario, are no longer optional. All of these skills are highly required for security professionals to face the well organised cyber attacks which targets institutions regardless of their business type; financial, governmental or industrial.

In this course we will provide the knowledge needed to assemble different types of evidence properly, and walk through the various stages of the analysis process.

KONSTANTIN SAPRONOV

RESERVE MY SPOT

We offer innovative university degrees taught in English by industry leaders from around the world, aimed at giving our students meaningful and creatively satisfying top-level professional futures. We think the future is bright if you make it so. 

HARBOUR.SPACE UNIVERSITY

DATE: 9 – 27 Apr, 2018

DURATION: 3 Weeks 

LECTURES: 3 Hours per day

LANGUAGE: English

LOCATION: Barcelona, Harbour.Space Campus

COURSE TYPE: Offline

INCIDENT RESPONSE
AND DIGITAL FORENSICS

AYMAN 
SHAABAN

With an educational background in Financial and informatics in technical systems Management, Konstantin has had an extensive career in cyber security. Starting in 2001, he worked for Kaspersky Lab in Moscow, steadily taking on more tasks, from Non-Intel Threats Research Group Manager to Head of Virus Lab APAC in China. With over 15 years of IT technologies experience, mostly in security fields, and more than ten years in the AntiVirus field, he now is the Head of Global Emergency Response Team.

ABOUT AYMAN
AYMAN 
SHAABAN

All rights reserved. 2018

Harbour.Space University
Tech Heart

Session 4

Data Collection

Evidence acquisition. Disk’s imaging.
Dump of memory. Network traffic capturing.

SHOW MORE