Education
Education means different things to different people. To some, it means a college and a goal of a degree or certificate. To others, it means attending a vendor's training program. Still others are self-taught and prefer to either use online resources or books. All of these are valid ways to get educated on cyber forensics & threat investigations, pick up new skills , and polish existing ones. Here are sections to help both the newly interested and the long-time practitioner in whatever way they prefer.
One of the questions frequently asked is what types of things someone who wants to get into the field should be studying--an educational roadmap. These are the basic building blocks so the person will be able to make the most of the specialised cyber forensics & threat investigations training later. Here is what the ACFTI founders have come up with, and comments are welcome via email.
Sample Educational Roadmap for Newbies:
Operating systems (Windows, Unix at a minimum)
Computer architecture (CPU architectures)
Electronics & Hardware basics - (this job frequently requires taking computers apart to get at their hard drives)
Networking Protocols and Systems
Scripting Language(s) - Perl and Powershell scripting are a good start
Principles of Investigation
Legal Studies related to investigations
File systems and data structures
Evidence handling
This won't get someone to the point of being a cyber forensics & threat investigations practitioner, but it will prepare them for the specialised study that is required to learn to do the job well. It will make it easier to understand the cyber forensic & threat investigations concepts.
Formal Education
College Education in Cyber Forensics & Threat Investigations in UK
This section lists programs from colleges that offer cyber forensics & threat investigations either as a significant portion of the curriculum or as the major itself. Some of the certificate programs require a prior bachelors degree, and others have no such requirements. If you know of a program that isn't listed, please send the ACFTI an email with the URL to the program.
Vendor Training
Classes by the vendors who make the commercial products:
Encase training by Guidance Software
FTK training by Access Data
Cellebrite Digital Intelligence training by Cellebrite
ProDiscover Computer Forensics training by Technology Pathways
BlackBag Forensics training by BlackBag Technologies
Magnet Forensics training by Magnet Forensics
Belkasoft Evidence Center training by Belkasoft
OSForensics training by PassMark
Oxygen ASR Data training by Oxygen Forensics
XRY Forensics training by MSAB
Nuix Discover training by Nuix
ASR Data Forensics training by ASR Data
ADF Forensics training by Advanced Digital Forensic Solutions
Classes on Open Source Forensics and Theory:
SANS offers a wide variety of courses, and their forensics track is excellent for open source training.
Paraben Forensics offers a wide variety of training courses by Paraben Corporation
Computer Hacking Forensic Investigator training courses by EC-Council
Copyright © Association of Cyber Forensics and Threat Investigators. All rights reserved.