The IACIS Enterprise Cyber Incident Response Forensics (E-CIFR) class is a natural follow-on for the IACIS CIFR class. It is an expansion of skills from analyzing a small number of systems using traditional imaging + manual analysis processes to introducing and building skills that allow the student to analyze systems at scale, building and implementing toolsets to analyze systems spread across the network. While attendance at CIFR is not a pre-requisite, E-CIFR builds on the CIFR skills of “what does intrusion or malware bad look like on a single system?” and provides the knowledge and skills to search for that same badness over hundreds or thousands of systems simultaneously.
Additionally, E-CIFR provides instruction on IR involving cloud architecture (AWS / Azure), endpoint security architecture such as Endpoint Detection and Response (EDR), log collection and analysis using ELK, common preparation concepts such as IR planning and hardening,
Throughout the week, students will cover topics and lab exercises that include:
| Intro to AWS IR | Intro to Azure IR | Log collection and analysis with ELK |
| Endpoint Detection and Response (EDR) | Use of TimeSketch for image and timeline analysis | Velociraptor for network investigations |
| IR Planning | Threat Intelligence concepts and tooling | Hardening Guidelines (ISO, PCI, CIS, etc.) |
| Group Tabletop exercise | Capstone Attack Exercise attack | Capstone Attack Exercise analysis |
WHEN: May 5 – 9, 2025
COST: $2,695.00 US Dollars
EQUIPMENT: Classroom laptops will be given to the students to take home and keep.
COURSE SYLLABUS:
REGISTRATION: NOW OPEN
Existing IACIS members, simply log in with your credentials and go to the Products page to purchase and register for the course.
For non-IACIS members, the membership fee is waived with the purchase of the training course; however, to register for the course you must complete a membership application at the time of purchase. Purchase training course HERE.
***IMPORTANT*** Regarding IACIS’s upcoming 2025 E-CIFR Training, please note that payment must be received NO LATER than 45 days prior the first day of class, by March 12th, 2025. Failure to meet this deadline will result in the forfeiture of your reserved seat, which will be made available to other interested registrants. This policy is strictly enforced, with NO EXCEPTIONS.
While we do accept purchase orders, full payment is expected by the March 12th deadline. As IACIS makes advance purchases of all necessary equipment and materials, ensuring that all seats are confirmed is essential to our training courses.
To assist in this process, we kindly request that you inform your finance department of the March 12th payment deadline to prevent any issues that could jeopardize your participation in IACIS’s training. Please make sure you have all the appropriate paperwork turned in and in a timely manner to facilitate a smooth and prompt transfer of the payment for your training. If you have any questions or concerns, please contact our Treasurer at treasurer@iacis.com
Cancellations within 45 days from the start of class to 31 days from the start of class will be subject to a $150 cancellation fee. There will be no refunds within 30 days from the start of class.****
* On-Site Check-in Times (student pickup of equipment, ID card, IACIS info) are:
Sunday, May 4, 2025 : 1800 – 2000
Monday, May 5, 2025: 0700 – 0800
* Please make arrangements to arrive in time to check-in so that you may be in class promptly on the first day.
COURSE NOTES:
Please read the following notes regarding this class:
- Classes begin at 8:00 AM ET and conclude at 5:00 PM ET each day, with a one-hour lunch break. Classes will end at 4:00 PM ET on the last day of class. Please do not arrange for departing flights prior to 7:00 PM ET to allow time for travel to the airport and any security clearances.
- The dress code for the conference is business casual (collared shirts and slacks). The wearing of shorts, flip-flops, tank tops, etc., is not allowed in the classroom. Personal computers are not permitted in the classroom. Students are required to attend all classes to successfully complete the program. Students who fail to meet the attendance requirements will not be issued a certificate at the conclusion of the program.
HOTEL BOOKING:
The course will be taught at the Caribe Royale Hotel, 8101 World Center Drive, Orlando, Florida 32821 (USA). This hotel is 16 miles from the Orlando International Airport, it has a large pool, spacious workout facility and is close to Disney World and Universal Studios.
Book via the Caribe Royale Hotel site here. If you choose to stay at a different hotel and commute to the conference, you may be subject to parking fees per conference center policy.
Or book via phone by calling the following numbers:
Reservations Toll-Free: 1-800-823-8300/1-888-258-7501 or the local number 407-238-8000.
CANCELLATION INFO: If IACIS is unable to hold the Orlando training event, then all students who have registered and paid will have the option of a full refund or a reserved seat at next year’s training event. IACIS is not responsible for any outside expenses (e.g., travel and accommodation) in the event of the training event being canceled. Anyone who paid for training will receive complimentary membership through the year that his/her training takes place.
