Courses / Incident Response
Incident Response Forensics Bridge
Translate between SOC timelines and forensic depth: tagging, escalation, and evidence packaging.
Schedule a workshop callOverview
Built for responders who already know ticketing but want cleaner evidence packets. You rehearse escalation language, artifact bundles, and the quiet discipline of not over-claiming certainty. The capstone is a tabletop plus a short written package reviewers can critique.
What is included
- Tabletop scripts with three severity bands
- Packet templates aligned to cross-org workflow habits
- Role-play office hours with rotating reviewer hats
- Checklist for when to pause collection for legal coordination
- Short async videos on chain-of-custody tone in chat logs
- Capstone review with written feedback
Outcomes
- Produce an escalation brief that separates facts from hypotheses
- Assemble a reviewer-ready artifact bundle under ten files
- List open questions without burying them in attachments
FAQ
Is this for brand-new responders?
You should already understand basic ticketing and severity models. Absolute newcomers should start with Digital Evidence Basics Studio.
Time per week?
Plan for eight to ten hours including the tabletop.
Limitation
We do not cover cloud provider subpoena mechanics; only packaging discipline.
Learner notes
-
“The reviewer hat exercise felt awkward at first, then embarrassingly useful.”