Certifications

I would like to thank FDCA for the great fund that allowed me to take this certification. I picked up 30 days of lab access along with the required course material. Back in 2023, I did the CRTP from Altered Security, which is fully focused on on-prem Active Directory. Time has passed, and I figured it was time to dive into Azure. CARTP was a natural next step. For context, I work professionally with Azure every day, so most of the core concepts weren’t new. What was new to me was how to abuse it. Earlier this year, I took the GIAC GCFR, so I was already pretty comfortable with investigating cloud environments, including Azure. ...

SANS FOR509 in Copenhagen – What a week Thanks Antti for the image Last week I attended SANS FOR509 – Enterprise Cloud Forensics and Incident Response in Copenhagen. The course is focused on cloud investigations across Microsoft 365, Azure, AWS, Google Workspace and Kubernetes. It was taught by Korstiaan Stam, who brought tons of experience. Before the course I had worked quite a bit with Azure and had handled a few BEC cases in M365. I had no real experience with AWS, GCP or Kubernetes. That changed quickly. The course does a great job at tying things together and focusing on what matters during an investigation. ...