Tuesday, June 1, 2010

A SANS tutorial on computer forensics, Part 1

SANS Computer Forensics Blog: Part 1 Organized Chaos and Panic

I was fortunate enough to be able to take the SANS SEC508 class a couple years ago and thoroughly amazed at what I learned, not only from a technical level, but from the stories that Rob Lee could tell us from his experience.  Now, through the SANS Computer Forensics blog, you can get an overview of how to do some of the same things that we did in class in lab exercises.  When I took the class Helix was still free, but I suspect the Pro version has more capabilities too.

During class, Rob Lee and others had talked about the books at the left. I have purchased them and am working on reading through them.  So far, both are excellent resources.