Training

Training Courses

BEC100 Belkasoft Prerequisite Course

This course is designed to introduce new examiners to the realm of digital forensics and provide the baseline of foundational knowledge needed to perform analysis of artifacts acquired from digital evidence. The Belkasoft X workflow is designed around the following fundamental concepts of digital forensics:

  • Identification of digital evidence
  • Logical disk structures
  • Maintaining the integrity of source media
  • Understanding the operating system
  • Locating pertinent digital artifacts

During Instructor-led course activities and exercises, participants will demonstrate their understanding of essential digital forensic concepts while using the Belkasoft X platform. Upon completion, participants will be qualified to attend the Belkasoft certification course.

Course details

Language: English

Duration: 2 days

Formats: Onsite or online

MODULES

  1. Introduction 1 Hour
  2. The Forensic Process 1 Hour
  3. Identification of Digital Evidence 2 Hours
  4. Digital Storage Media 2 Hours
  5. File System Overview 2 Hours
  6. The Operating System 2 Hours
  7. Essential Artifacts 3 Hours
  8. Legal Issues 1 Hour

The Belkasoft X certification course design, objectives, practical exercises, and scenarios are written based on over fifteen years of field experience from working with LE officers and CCU examiners both international and domestic. The techniques taught in this course – while based on Belkasoft X functionality and workflow – have been curated from extensive research, testing, and use on live systems involved in actual cyber crimes investigated around the world where DSI examiners were actively involved as contracted analysts, instructors, and/or mentors.

BEC101 Belkasoft Certification Course

The Belkasoft Evidence Center X Certified Examiner course is designed for

Through lecture, instructor-led demonstrations, and practical exercises the Belkasoft course will prepare participants to
on electronic/mobile artifacts utilizing the Belkasoft X platform.

  • During course activities and exercises, participants will demonstrate the ability to perform forensically sound investigations and efficiently analyze digital artifacts pertaining to items of evidentiary value.
  • Throughout the course, participants will discuss procedures used on the identification, acquisition, analysis, and reporting of electronic media for courtroom presentation.
  • Participants will also discuss the importance of developing and maintaining a policy on analyzing electronic artifacts to guide examiners when conducting cases.
  • Upon completion of this course, participants will be able to draft an effective report on findings detailing the analysis process followed to locate pertinent evidence.

Course details

Language: English

Duration: 3 days

Formats: Onsite, online or on-demand

MODULES

  1. Introduction 1 Hour
  2. Belkasoft X Overview 2 Hours
  3. Belkasoft X Interface 2.5 Hours
  4. Belkasoft X Workflow 3 Hours
  5. Search Techniques 4 Hours
  6. Multimedia Analysis 3 Hours
  7. Advanced Analysis 3 Hours
  8. Belkasoft X Reporting 1 Hour
  9. Belkasoft X Certification Exam 3 Hours

The Belkasoft X certification course design, objectives, practical exercises, and scenarios are written based on over fifteen years of field experience from working with LE officers and CCU examiners both international and domestic. The techniques taught in this course – while based on Belkasoft X functionality and workflow – have been curated from extensive research, testing, and use on live systems involved in actual cyber crimes investigated around the world where DSI examiners were actively involved as contracted analysts, instructors, and/or mentors.

Belkasoft Essentials

Belkasoft Essentials is intended for investigators of any level of expertise who want to acquire hands-on skills in computer, mobile and cloud investigation and enrich their toolkit with Belkasoft Evidence Center X, all-in-one forensic solution.

It is a basic-level course which covers fundamental principles every digital forensic investigator should know. By the successful completion of the course, each participant gets strong skills in Belkasoft Evidence Center X, and also deepens their knowledge about techniques behind it and methodology of digital forensic analysis.

In particular the participants will learn how to configure Belkasoft Evidence Center X and start the investigation, acquire data from hard drives, smartphones and cloud, add other data sources, analyze most relevant artifacts (including internet evidence, media, registry data etc.) and overcome difficulties working with these types of artifacts. Various analysis options will be considered: extraction of artifacts from existing files, carving, live RAM analysis, hibernation and pagefile analysis.

Every module is accompanied by a set of practical exercises and all related questions will be answered during the training session.

Course details

Language: English

Duration: 2 days

Formats: Onsite or online

MODULES

  1. Introducing Belkasoft and Belkasoft Evidence Center X
  2. First steps with Evidence Center. User interface
  3. Data acquisition and main workflow
  4. Working with computer artifacts
  5. Working with mobile and cloud artifacts
  6. Search and filtering techniques
  7. Creating reports
  8. Overview of low-level analysis techniques
  9. Exercises review and wrap-up

BEC102 Advanced Computer-based Investigations Course

This course is designed to provide local/federal law enforcement, military investigative personnel, and private sector security professionals training on the knowledge and skills required to leverage Windows resources and artifacts to perform a comprehensive timeline-based examination.

During course activities and exercises, participants will demonstrate the ability to perform forensically sound investigations and efficiently analyze digital artifacts pertaining to items of evidentiary value. Upon completion of this course, participants will be able to draft an effective report on findings detailing the analysis process followed to locate pertinent evidence.

Course details

Language: English

Duration: 2 days

Formats: Onsite or online

MODULES

  1. Introduction 1 Hour
  2. The Case Jacket 1 Hour
  3. Windows Registry Artifacts 2 Hours
  4. Parsing Windows Prefetch 1 Hour
  5. Parsing Link Files 1 Hour
  6. Windows 10 Timeline and Event Logs 2 Hours
  7. Understanding Metadata 1 Hour
  8. Final Practical 3 Hours

The Belkasoft X certification course design, objectives, practical exercises, and scenarios are written based on over fifteen years of field experience from working with LE officers and CCU examiners both international and domestic. The techniques taught in this course – while based on Belkasoft X functionality and workflow – have been curated from extensive research, testing, and use on live systems involved in actual cyber crimes investigated around the world where DSI examiners were actively involved as contracted analysts, instructors, and/or mentors.

Incident Response Examination

The Incident Response Examination course with Belkasoft teaches how to conduct incident investigation and response using the Belkasoft Evidence Center X. During the course, participants will learn about the following subjects: modern cyberthreats; tactics, techniques, and procedures used by attackers; searches for IoCs; and other topics linked to online incidents.

The course is organized by Belkasoft together with Group-IB, a provider of solutions that help detect and prevent cyberattacks and online fraud, protect intellectual property, and conduct and high-tech crime investigations. Group-IB's experienced specialists will share knowledge on how to effectively work on incident investigations using Belkasoft products.

The course will be useful for Information Security specialists, especially digital forensic analysts interested in incident investigation.

Course details

Language: English

Duration: 2 days

Formats: Onsite or online

MODULES

  1. Modern cyber threats overview.
  2. Cyber Kill Chain overviews.
  3. Attacker's tactics, techniques and procedures.
  4. Search for indicators of compromise (IoCs).
  5. Extracting forensic artifacts for incident reconstruction.
  6. Incident response and investigation.

BEC201 RAM Investigations Course

This course will provide students with the tools needed to analyze artifacts contained within random access memory acquired from live Windows-based systems.

The Belkasoft X platform provides a comprehensive toolset for the examiner to locate artifacts from:

  • Running processes
  • Network connections and file shares
  • Internet browsers
  • Social media content

The Belkasoft Live RAM Capturer is used by many first responders and examiners worldwide for its ability to acquire volatile memory from 32-bit and 64-bit systems quickly and completely, including areas in RAM protected by actively running applications. Data that could be potentially recovered from these areas include chat communications and webmail artifacts.

During Instructor-led course activities, and exercises - participants will demonstrate the ability to efficiently analyze digital artifacts acquired from RAM while utilizing Belkasoft X.

Course details

Language: English

Duration: 3 days

Formats: Onsite or online

MODULES

  1. Introduction 1 Hour
  2. Understanding Volatile Data 2 Hours
  3. Acquiring RAM 2.5 Hours
  4. Analysis of Windows-based RAM Artifacts 2.5 Hours
  5. Parsing Link Files 2.5 Hours
  6. Analysis of Internet-based RAM Artifacts 2.5 Hours
  7. Belkasoft X Reporting 1 Hour

The Belkasoft X certification course design, objectives, practical exercises, and scenarios are written based on over fifteen years of field experience from working with LE officers and CCU examiners both international and domestic. The techniques taught in this course – while based on Belkasoft X functionality and workflow – have been curated from extensive research, testing, and use on live systems involved in actual cyber crimes investigated around the world where DSI examiners were actively involved as contracted analysts, instructors, and/or mentors.

BEC301 Mobile Device Investigations Course

As a proven industry leader, Belkasoft has remained at the forefront of innovation when forensically acquiring mobile device data, while safely bypassing security constraints using the latest techniques.

This course will provide students with the tools needed to perform forensic analysis of Apple iOS and Google Android mobile devices from within the Belkasoft X platform.

The Belkasoft X platform provides a comprehensive toolset for the examiner to locate artifacts from mobile devices including:

  • SMS/MMS
  • Call Logs
  • Pictures and Video
  • Internet-based data
  • Browser content
  • App data and SQLite databases

During Instructor-led course activities, and exercises - participants will demonstrate the ability to efficiently analyze digital artifacts acquired from mobile devices while utilizing Belkasoft X.

Course details

Language: English

Duration: 3 days

Formats: Onsite or online

MODULES

  1. Introduction 1 Hour
  2. Mobile Device Acquisitions 3 Hours
  3. Understanding Apple iOS Artifacts 2 Hours
  4. Understanding Google Android Artifacts 2 Hours
  5. Mobile Device Examinations 4 Hours
  6. Final Practical 3.5 Hours
  7. Belkasoft X Reporting 1 Hour

The Belkasoft X certification course design, objectives, practical exercises, and scenarios are written based on over fifteen years of field experience from working with LE officers and CCU examiners both international and domestic. The techniques taught in this course – while based on Belkasoft X functionality and workflow – have been curated from extensive research, testing, and use on live systems involved in actual cyber crimes investigated around the world where DSI examiners were actively involved as contracted analysts, instructors, and/or mentors.

BEC401 Cloud-based Investigations Course

BEC401 is designed to provide examiners training on the knowledge and skills required to:

  • Forensically acquire cloud storage data for analysis
  • Identify and analyze cloud-based artifacts from computers and mobile devices

Through lecture, instructor-led demonstrations, and practical exercises this course will prepare participants to identify, acquire, analyze and report on cloud artifacts utilizing the Belkasoft X platform. During course activities and exercises, participants will demonstrate the ability to perform forensically sound investigations and efficiently analyze digital artifacts pertaining to items of evidentiary value. Upon completion of this course, participants will be able to draft an effective report on findings detailing the analysis process followed to locate pertinent evidence.

Course details

Language: English

Duration: 2 days

Formats: Onsite or online

MODULES

  1. Introduction 1 Hour
  2. Overview of Cloud Technology 2 Hours
  3. Acquiring Cloud Storage 2 Hours
  4. Identifying Cloud-based Artifacts 2 Hours
  5. Advanced Analysis 2 Hours
  6. Final Practical 2 Hours
  7. Belkasoft X Reporting 1 Hour

The Belkasoft X certification course design, objectives, practical exercises, and scenarios are written based on over fifteen years of field experience from working with LE officers and CCU examiners both international and domestic. The techniques taught in this course – while based on Belkasoft X functionality and workflow – have been curated from extensive research, testing, and use on live systems involved in actual cyber crimes investigated around the world where DSI examiners were actively involved as contracted analysts, instructors, and/or mentors.

BEC501 Link Analysis and Analytics Course

BEC501 is designed to provide examiners training on the knowledge and skills required to identify pertinent connections across multiple data sources and separate case files.

Through lecture, instructor-led demonstrations, and practical exercises this course will prepare participants to use the Belkasoft X platform to perform link analysis and data analytics on network communications between multiple sources of digital evidence.

During course activities and exercises, participants will demonstrate the ability to perform forensically sound investigations and efficiently analyze digital artifacts pertaining to items of evidentiary value. Upon completion of this course, participants will be able to draft an effective report on findings detailing the analysis process followed to locate pertinent evidence.

Course details

Language: English

Duration: 2 days

Formats: Onsite or online

MODULES

  1. Introduction 1 Hour
  2. Overview of Link Analysis and Data Analytics 2 Hours
  3. Acquiring Cloud Storage 2 Hours
  4. Identifying Cloud-based Artifacts 2 Hours
  5. Advanced Analysis 2 Hours
  6. Final Practical 2 Hours
  7. Belkasoft X Reporting 1 Hour

The Belkasoft X certification course design, objectives, practical exercises, and scenarios are written based on over fifteen years of field experience from working with LE officers and CCU examiners both international and domestic. The techniques taught in this course – while based on Belkasoft X functionality and workflow – have been curated from extensive research, testing, and use on live systems involved in actual cyber crimes investigated around the world where DSI examiners were actively involved as contracted analysts, instructors, and/or mentors.

BEC601 Password-Breaking Techniques Course

BEC601 is designed to provide examiners training on how to bypass password-based security constraints utilized by computers and mobile devices.

Through lecture, instructor-led demonstrations, and practical exercises this course will prepare participants to use the Belkasoft X platform to perform password/passcode breaking and bypass procedures to gain access to protected digital evidence or encrypted data.

Course details

Language: English

Duration: 2 days

Formats: Onsite or online

MODULES

  1. Introduction 1 Hour
  2. Understanding Data Encryption 2 Hours
  3. Mobile Device Security Trends 2 Hours
  4. Password Breaking Techniques 2 Hours
  5. Passcode Bypass Techniques 2 Hours
  6. Final Practical 2 Hours
  7. Belkasoft X Reporting 1 Hour

The Belkasoft X certification course design, objectives, practical exercises, and scenarios are written based on over fifteen years of field experience from working with LE officers and CCU examiners both international and domestic. The techniques taught in this course – while based on Belkasoft X functionality and workflow – have been curated from extensive research, testing, and use on live systems involved in actual cyber crimes investigated around the world where DSI examiners were actively involved as contracted analysts, instructors, and/or mentors.

Training Schedule

training name Location duration Dates Price
BEC100 Belkasoft First Responders Course Online 2 Days Aug 2021 9-10 1150 USD
BEC301 Belkasoft Mobile Fundamentals Online 3 Days Sep 2021 13-15 1800 USD
BEC201 Belkasoft Memory Analysis Fundamentals Online 3 Days Sep 2021 20-22 1800 USD
BEC100 Belkasoft First Responders Course Online 2 Days Oct 2021 4-5 1150 USD
BEC101 Belkasoft Certification Course Online 3 Days Oct 2021 6-8 1800 USD
BEC201 Belkasoft Memory Analysis Fundamentals Online 3 Days Nov 2021 1-3 1800 USD
BEC202 Belkasoft Memory Analysis Advanced Online 2 Days Nov 2021 4-5 1150 USD
BEC301 Belkasoft Mobile Fundamentals Online 3 Days Dec 2021 6-8 1800 USD
BEC302 Belkasoft Mobile Advanced Online 2 Days Dec 2021 9-10 1150 USD

Are you interested in Belkasoft training in other locations? Please contact us at sales@belkasoft.com and mention the city you would like us to have the training in.

Are you a reseller or a training company? Let us know if you'd like to license the training course from us.