SANS FOR572: Advanced Network Forensics and Analysis

This domain is used to house shortened URLs in support of the SANS Institute's FOR572 course.

You may be interested in the following resources:
  • SANS FOR572: Advanced Network Forensics and Analysis
  • SANS DFIR Network Forensics Poster: Wall-sized resource for all things Network Forensics. Available in soft-copy via the link, or request a physical poster if you like.
  • FOR572 Evernote Notebook: Public resource with additional information relevant to the course
  • SOF-ELK VM Distribution: Security Operations and Forensics Elasticsearch, Logstash, and Kibana - an appliance-like VM that's ready to ingest a variety of log and NetFlow data for DFIR and security operations purposes
  • The SANS Institute: The most trusted source for computer security training, certification and research
  • SANS DFIR: Digital Forensics and Incident Response