Network Forensic Poster Side 2 – Network communications are a critical component to most forensic casework and threat hunting operations. This poster helps bring clarity to the types and sources of network-based evidence, how to convert full-packet data to other, more rapidly examined formats, the tools used to query that evidence, and general use cases for network data in typical DFIR operations.
The Network Forensics & Analysis Poster was created by FOR572 Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response course author and SANS Certified Instructor Phil Hagen with support from the SANS DFIR Faculty.
The DFIR posters are shipped rolled in a tube and measure 24″ x 36″ (slightly larger than the SANS folded version).
Currently shipping within the US only.