GIAC

I recently took and passed the GCFA certification exam for forensic analysis. It was an interesting and educational experience, touching on logfile analysis, memory forensics, deep filesystem analysis, and timeline generation. Most of the content focused on Windows (event logs, NTFS filesystem formats, etc); I’m looking forward to finding a matching course with a Linux focus.

I recently took and passed the GCIH Certification. It’s primarily focused on understanding how attackers behave, the tools they use, and why those tools do the things they do.