Cyber Triage Courses
Cyber Triage is our digital forensics and incident response (DFIR) software that automates the collection and analysis of intrusion-related artifacts. The Sleuth Kit Labs training team has direct and frequent access to the product engineering team and therefore provides the authoritative courses on the use of the software.
The Basics course is a 1/2 day, video-based course that gives an overview of how to:
- Effectively use Cyber Triage
- Collect data from hosts
- Configure the automated analysis pipelines
- Review the findings
- Generate reports
Contact us for an in-person course.
Autopsy Courses
Autopsy is our general purpose digital forensics platform. It is open source and used by thousands of people around the world. You can use it for any kind of investigation, ranging from traditional law enforcement, HR, to intrusions. The Sleuth Kit Labs course is the leading course on using Autopsy and has over 100,000 enrollments.
The 8-hour, video-based course shows you how to:
- Manage cases
- Add various types of data sources
- Configure ingest pipelines
- Use the specialized interfaces
- Generate reports
Investigation Process
Examiners need to understand more than just tools. They also need to understand how to approach an investigation, what to look for, and how to interpret what they find.
The DFIR Divide and Conquer course is our approach to tackling investigations. Investigations are all about answering questions and this approach is about taking big questions and breaking them into smaller questions.
This free course goes through answering questions about “Is this computer compromised?”, but the same approach can be used for other questions.
Custom Courses
If you are interesting in a custom or in-person course on our products or any other DFIR topic, please let us know.