🐧 I'll be teaching SANS FOR577: Linux Incident Response & Threat Hunting in Virginia Beach, VA — August 24, 2026.

Linux is everywhere. Your cloud infrastructure, your containers, your routers, your endpoints. Attackers have known this for years — and Linux-targeted intrusions are rising fast. Yet most IR teams are still primarily trained on Windows.

FOR577 changes that.

What we cover:
🔍 Threat hunting on Linux systems
🧠 Memory forensics
📋 Log analysis and timeline reconstruction
⚡ Live response under pressure
🕵️ Tracking real-world APT intrusions on Linux platforms

This isn't a survey course. We get deep into the artifacts, the techniques, and the mindset you need to find attackers hiding in Linux environments.

🎤 Free SANS @night Talk — August 26 @ 6:00 PM
**"Extending Protocol-SIFT to Linux"**

Protocol-SIFT has been getting a lot of attention in the DFIR community lately — but the first release was 100% focused on Windows investigations. In this talk, we'll look at what it takes to extend Protocol-SIFT to cover Linux investigations. Free to attend for all on-site SANS students.

💰 Early Bird Discount: Save $500
Use code EarlyBirdNA — must be paid by July 9, 2026. Don't wait on this one.

📍 Hilton Virginia Beach Oceanfront, Virginia Beach, VA
📅 Course: August 24, 2026
🎤 @night Talk: August 26 @ 6:00 PM

🔗 Register here: https://www.sans.org/cyber-security-training-events/virginia-beach-2026

#DFIR #SANS #FOR577 #LinuxForensics #IncidentResponse #ThreatHunting #InfoSec #ProtocolSIFT #Linux #Cybersecurity #DigitalForensics

🐧 Teaching FOR577: Linux Incident Response & Threat Hunting at SANS Austin, June 22–27!

Learn to hunt threats on Linux, dig deep into artifacts, and walk away prepped for your GIAC GLIR cert. Evenings bring CORE NetWars, SANS@Night talks, great networking, and legendary Austin BBQ. 🍖🎸

💰 Early-bird pricing ends May 7th — register now and lock in your savings!

👉 https://www.sans.org/cyber-security-training-events/austin-2026 #SANS #FOR577 #DFIR #Linux #ThreatHunting