Education
Education means different things to different people. To some, it means a college and a goal of a degree or certificate. To others, it means attending a vendor's training program. Still, others are self-taught and prefer to either use online resources or books. All of these are valid ways to get educated on cyber forensics & threat investigations, pick up new skills, and polish existing ones. Here are sections to help both the newly interested and the long-time practitioner in whatever way they prefer.
One of the questions frequently asked is what types of things someone who wants to get into the field should be studying--an educational roadmap. These are the basic building blocks so the person will be able to make the most of the specialised cyber forensics & threat investigations training later. Here is what the ACFTI founders have come up with, and comments are welcome via email.
Sample Educational Roadmap for Newbies:
Operating systems (Windows, Unix at a minimum)
Computer architecture (CPU architectures)
Electronics & Hardware basics - (this job frequently requires taking computers apart to get at their hard drives)
Networking Protocols and Systems
Scripting Language(s) - Perl and Powershell scripting are a good start
Principles of Investigation
Legal Studies related to investigations
File systems and data structures
Evidence handling
This won't get someone to the point of being a cyber forensics & threat investigations practitioner, but it will prepare them for the specialized study that is required to learn to do the job well. It will make it easier to understand the cyber forensic & threat investigations concepts.
Formal Education
College Education in Cyber Forensics & Threat Investigations in the UK
This section lists programs from colleges that offer cyber forensics & threat investigations either as a significant portion of the curriculum or as the major itself. Some of the certificate programs require a prior bachelor's degree, and others have no such requirements. If you know of a program that isn't listed, please send the ACFTI an email with the URL to the program.
Vendor Training
Classes by the vendors who make the commercial products:
Encase training by Guidance Software
FTK training by Access Data
Digital Forensic Training by Oxygen Forensic
Cellebrite Digital Intelligence training by Cellebrite
ProDiscover Computer Forensics training by Technology Pathways
BlackBag Forensics training by BlackBag Technologies
Magnet Forensics training by Magnet Forensics
Belkasoft Evidence Center training by Belkasoft
OSForensics training by PassMark
Oxygen ASR Data training by Oxygen Forensics
XRY Forensics training by MSAB
Nuix Discover training by Nuix
ASR Data Forensics training by ASR Data
ADF Forensics training by Advanced Digital Forensic Solutions
Classes on Open Source Forensics and Theory:
SANS offers a wide variety of courses, and their forensics track is excellent for open-source training.
Paraben Forensics offers a wide variety of training courses by Paraben Corporation
Computer Hacking Forensic Investigator training courses by EC-Council
International Association of Computer Investigative Specialists offers a wide variety of vendor-neutral training courses
SUMURI Forensics community offers open-source digital forensics training courses
EduLabs Programme
ACFTI EduLabs is a collaborative project designed for educators to facilitate cooperation in the creation of hands-on laboratories and educational materials. EduLabs incorporates a functional network infrastructure utilized by educators to develop and evaluate penetration testing, secure programming, and cyber forensics resources focused on experiential learning. The EduLabs concept has a wide range of applications. Examples encompass:
Formulating collaborative resources that include hands-on learning for cybersecurity, digital forensics, incident response, and threat investigation topics
Implementing and evaluating network infrastructure and services for cybersecurity, digital forensics, incident response, and threat investigations training
Conducting tests and providing hosting services for virtual machines and containers for cybersecurity, digital forensics, incident response, and threat investigations training
Implementation and automation of infrastructure and testing processes for cybersecurity, digital forensics, incident response, and threat investigations.
What are the reasons to join ACFTI EduLabs?
Facilitate the exchange of information and expertise and oversee the maintenance and administration of infrastructure and network resources for cybersecurity, digital forensics, incident response, and threat investigations education
Create and distribute educational materials and publications related to the newest cybersecurity, digital forensics, incident response, and threat investigation Topics
Collaborate and oversee the allocation of resources using a shared platform for project coordination
EduLabs offers several opportunities for growth and development
Acquire practical experience in a nurturing and unbiased setting
Cultivate practical skills applicable in professional settings
Engage in meaningful learning within a live and dynamic environment
To get the latest EduLabs Curriculums, please follow the following link
If you would like to enroll, engage, and use EduLabs Curriculums, kindly send an email to the following address: acfti@acfti.org, Additionally, it is important to mention that we require your department/school to sign an agreement with ACFTI.
Only instructors or lecturers who are members of ACFTI have access to the EduLabs program.