MEMORY ANALYSIS

World-Class Technical Training for Digital Forensics Professionals
;

Training

Courses

Malware and Memory Forensics Training

This course demonstrates why memory forensics is a critical component of the digital investigation process, and how investigators can gain the upper hand. The course consists of lectures on specific topics in Windows and Linux memory forensics, followed by intense hands-on labs to put the topics into real-world contexts. The labs will require analysis of malware in memory, kernel-level rootkits, registry artifacts found in memory, signs of data exfiltration, and much more.

This course is your opportunity to learn invaluable skills from the researchers and developers who have pioneered the field! This is also the only memory forensics training class that is authorized to teach Volatility, officially endorsed by the Volatility Foundation, and taught directly by Volatility core developers.

Content updates

To coincide with the feature-parity release of Volatility 3, the online version of this training course has been completely updated with new course modules & hands-on labs!

COURSE AVAILABILITY

The Malware and Memory Forensics Training course is available in three formats: in-person (on select dates throughout the year), online (always available) or via a private course which can be developed to suit your organizations training needs. Please contact us if you are interested in joining us for a memory forensics training course.

View Course Overview

Success Stories

The Malware and Memory Forensics Training course has been described as the perfect combination of malware analysis, memory forensics, and Windows internals.

Our flagship class takes you on a journey to the center of memory forensics. As one of our students said, if you’re serious about protecting your network, you need to take this course.

Success Story #1

One of our students is named their company’s “go to guy” for memory forensics in less than 3 months after taking the course.

Success Story #2

An alumni of our class made short work of an anti-forensics tool; exposing it in a number of ways, proving the effectiveness of proper training and strong tools.

Success Story #3

A federal agent entered our course with no prior memory forensics experience. He now uses Volatility to crack some of the most critical cases of the decade.

Success Story #4

Detective Michael Chaves reveals how Volatility Training helped him investigate the “Card Wash” POS credit card breaches.

The art of

Memory Forensics

This book is authored by four of the core Volatility developers,  Michael Ligh, Andrew Case, Jamie Levy, and AAron Walters, who collaborated to design the most advanced memory analysis framework.

The content for the book is based on our Windows Malware and Memory Forensics Training class, which has been taken by thousands of students. (Read some of their testimonials!)

As an added bonus, the book also covers Linux and Mac memory forensics.

Learn More

ATTENDEE

Testimonials

- Greg P, Infosec Engineer

{“Windows Malware and Memory Forensics by The Volatility Project is easily the most in-depth technical training I’ve ever attended. I can’t recommend this class highly enough for any incident response or forensics professional.

- Carl W., Senior Specialist

{Excellent comprehensive training of memory forensics as it relates to malware and network intrusion investigations. Invaluable tool in an analyst’s toolbox.

- Fernando (DFIR/Malware Analyst)

{Very technical and in-depth course covering windows internals from memory. The best course I’ve taken so far in my entire career.

- Dale M.

{TAKE THIS COURSE!!!!

- Kyle P (Sr. Digital Forensic Examiner)

{The Volatility course is absolutely excellent and should be taken by any individuals performing IR services and forensics. The course covers not only the Volatility Framework, but the inner workings of malware and how it interacts with the Windows OS.

- A. Bridge (Lead Intrusion Analyst)

{The knowledge and experience of the instructors is very impressive. The amount of material covered is a lot, but it makes sense and is very relevant to the real world

- Ryan G.

{This was the most in-depth forensic course I’ve ever taken. The instructors are top notch and really know the material and concepts behind it. If you’re serious about protecting your network, you need to take this course.

- Scott Plastine, Incident Response Analyst

{Any good memory forensics course is going to teach volatility, so you might as well learn it from the leaders in the field.

- Scott H.

{I was amazed at the amount of artifacts that could be obtained from memory dumps through the use of the Volatility Framework

- Dave L.

{This is an amazing course that will not only provide the skills and knowledge you need to run Volatility, but also give you a much deeper insight into Windows memory internals

- Byron Thompson

{The instructors are highly professional and well versed in memory analysis. This tool beats any other tool in this space.

- Wyatt Roersma, Infrastructure Security Engineer

{It is by far the most advanced DFIR course that anyone can take. The course is an amazing value and contains undocumented information on memory analysis.

- Adam W.

{This is much more than a class on how to use a tool. By far the best training I’ve attended in several years. Instructors are top notch. Excellent class for even the most experienced of analysts

For more information or any further assistance regarding courses or admission, you can visit our contact us page or click the button below.

Contact Us