In-Person, Riyadh

Topics:

• Incident Response Process Overview
• Evidence Acquisition & Chain of Custody
• Disk, Memory, and Network Forensics
• Timeline & Malware Analysis
• Lateral Movement & Persistence Detection
• Containment Strategies & Recovery
• Reporting & Lessons Learned

Overview

This intensive, lab-driven course equips you with essential DFIR (Digital Forensics & Incident Response) skills. You’ll dive into incident scoping, Windows internals, live memory and disk analysis, and the tactical use of threat intelligence. Whether you’re chasing down indicators of compromise or documenting an incident timeline, this course prepares you to respond like a pro.

Who Should Take This Course:

• Incident Responders
• Forensic Analysts
• SOC Teams
• Security Engineers
• Blue Teamers

By the end of this course, the participant will be able to:

• Understand the DFIR process and response lifecycle
• Identify and investigate security breaches
• Collect and preserve digital evidence
• Analyze artifacts from Windows, Linux & network sources
• Contain, eradicate, and recover from incidents
• Report findings with clear timelines and recommendations