The Best Free Resources to Get Started in Incident Response

Presented at CactusCon 12 (2024), Feb. 17, 2024, 3:30 p.m. (60 minutes).

People looking to get started in Incident Response and Forensics usually have the difficulty of trying to find training and resources that aren't super costly. Fortunately, there are a ton of amazing resources that don't cost a thing. All you need is someone experienced in the field to show you which resources you can trust to help you quickly gain the knowledge and experience you need to land your dream job in IR. This talk will cover a multitude of resources including Incident Response preparation; what kind of telemetry is available and needed; how to find some of the most valuable forensics artifacts; and free tools to collect, parse, and analyze data. The audience will come away with resources for learning, building labs, and more quickly becoming capable in incident response.

Presenters:

• Marcus Guevara - Certified SANS DFR Instructor, Director of Cybersecurity
  Marcus Guevara is a certified Digital Forensics and Incident Response instructor for the SANS Institute. Marcus previously spent time in the U.S. Air Force and U.S. Coast Guard performing Threat Hunting and Incident Response.

Links:

• https://cactuscon-12.sessionize.com/session/556966

Similar Presentations:

• Black Hat USA 2014 / The State of Incident Response
• GrrCON 2013 / Cloud Incident Response
• DerbyCon 3.0 All in the Family (2013) / DIY Forensics: When Incident Response Morphs into Digital Forensics