Promo On the face of it, the cloud fundamentally changes how security teams investigate and remediate incidents.

The complacent might think that the cloud providers, with all their resources, should have them covered. The pessimists worry that removing on-prem from the equation means traditional forensics disciplines are redundant.

But both these views miss the big picture. The cloud does change the overall context of threat response, but it also creates new traces, and in some respects can accelerate the processing of forensic data. The trick is marrying traditional forensic smarts with new methodologies and techniques.

And that is precisely what SANS Institute’s newly minted Enterprise Cloud Forensics and Incident Response course will deliver when it officially debuts this October.

This ground-breaking programme was written by KPMG’s David Cowen; veteran cyber threat hunter Pierre Lidome; and Ankura’s cybersecurity MD Josh Lemon.

It shows examiners how the major cloud service providers are actually providing new evidence sources, and capabilities ranging from cloud equivalents of network traffic monitoring to direct hypervisor interaction for evidence preservation.

If you want to be among the first cohort to take this intermediate-to-advanced course, you have four opportunities over the coming months.

The course will be running at:

Whichever option you go for, you can guarantee that you’ll be learning from instructors at the top of their game. You’ll also get the chance to put your skills to the test in one of SANS’ famous NetWars Tournaments.

And, for the October/November courses, if you move quickly you can benefit from early-bird pricing, saving you $100s on course fees. But remember, seats are limited.

So, if you have responsibility for forensics and incident response, and the cloud is on your agenda – and let’s face it, the cloud is on everyone’s agenda – check out the full syllabus and book your slot here.

Sponsored by SANS Institue