Training

On-Demand Courses

Training Courses

BEC100 Belkasoft Prerequisite Course

This course is designed to introduce new examiners to the realm of digital forensics and provide the baseline of foundational knowledge needed to perform analysis of artifacts acquired from digital evidence. The Belkasoft X workflow is designed around the following fundamental concepts of digital forensics:

  • Identification of digital evidence
  • Logical disk structures
  • Maintaining the integrity of source media
  • Understanding the operating system
  • Locating pertinent digital artifacts

During Instructor-led course activities and exercises, participants will demonstrate their understanding of essential digital forensic concepts while using the Belkasoft X platform. Upon completion, participants will be qualified to attend the Belkasoft certification course.

Course details

Language: English

Duration: 2 days

Formats: Onsite or online

MODULES

  1. Introduction 1 Hour
  2. The Forensic Process 1 Hour
  3. Identification of Digital Evidence 2 Hours
  4. Digital Storage Media 2 Hours
  5. File System Overview 2 Hours
  6. The Operating System 2 Hours
  7. Essential Artifacts 3 Hours
  8. Legal Issues 1 Hour

The Belkasoft X certification course design, objectives, practical exercises, and scenarios are written based on over fifteen years of field experience from working with LE officers and CCU examiners both international and domestic. The techniques taught in this course – while based on Belkasoft X functionality and workflow – have been curated from extensive research, testing, and use on live systems involved in actual cyber crimes investigated around the world where DSI examiners were actively involved as contracted analysts, instructors, and/or mentors.

BEC101 Belkasoft Certification Course

The Belkasoft Evidence Center X Certified Examiner course is designed for

Through lecture, instructor-led demonstrations, and practical exercises the Belkasoft course will prepare participants to
on electronic/mobile artifacts utilizing the Belkasoft X platform.

  • During course activities and exercises, participants will demonstrate the ability to perform forensically sound investigations and efficiently analyze digital artifacts pertaining to items of evidentiary value.
  • Throughout the course, participants will discuss procedures used on the identification, acquisition, analysis, and reporting of electronic media for courtroom presentation.
  • Participants will also discuss the importance of developing and maintaining a policy on analyzing electronic artifacts to guide examiners when conducting cases.
  • Upon completion of this course, participants will be able to draft an effective report on findings detailing the analysis process followed to locate pertinent evidence.

Course details

Language: English

Duration: 3 days

Formats: Onsite, online or on-demand

MODULES

  1. Introduction 1 Hour
  2. Belkasoft X Overview 2 Hours
  3. Belkasoft X Interface 2.5 Hours
  4. Belkasoft X Workflow 3 Hours
  5. Search Techniques 4 Hours
  6. Multimedia Analysis 3 Hours
  7. Advanced Analysis 3 Hours
  8. Belkasoft X Reporting 1 Hour
  9. Belkasoft X Certification Exam 3 Hours

The Belkasoft X certification course design, objectives, practical exercises, and scenarios are written based on over fifteen years of field experience from working with LE officers and CCU examiners both international and domestic. The techniques taught in this course – while based on Belkasoft X functionality and workflow – have been curated from extensive research, testing, and use on live systems involved in actual cyber crimes investigated around the world where DSI examiners were actively involved as contracted analysts, instructors, and/or mentors.

BEC102 Advanced Computer-based Investigations Course

This course is designed to provide local/federal law enforcement, military investigative personnel, and private sector security professionals training on the knowledge and skills required to leverage Windows resources and artifacts to perform a comprehensive timeline-based examination.

During course activities and exercises, participants will demonstrate the ability to perform forensically sound investigations and efficiently analyze digital artifacts pertaining to items of evidentiary value. Upon completion of this course, participants will be able to draft an effective report on findings detailing the analysis process followed to locate pertinent evidence.

Course details

Language: English

Duration: 2 days

Formats: Onsite or online

MODULES

  1. Introduction 1 Hour
  2. The Case Jacket 1 Hour
  3. Windows Registry Artifacts 2 Hours
  4. Parsing Windows Prefetch 1 Hour
  5. Parsing Link Files 1 Hour
  6. Windows 10 Timeline and Event Logs 2 Hours
  7. Understanding Metadata 1 Hour
  8. Final Practical 3 Hours

The Belkasoft X certification course design, objectives, practical exercises, and scenarios are written based on over fifteen years of field experience from working with LE officers and CCU examiners both international and domestic. The techniques taught in this course – while based on Belkasoft X functionality and workflow – have been curated from extensive research, testing, and use on live systems involved in actual cyber crimes investigated around the world where DSI examiners were actively involved as contracted analysts, instructors, and/or mentors.

Incident Response Examination

The Incident Response Examination course with Belkasoft teaches how to conduct incident investigation and response using the Belkasoft Evidence Center X. During the course, participants will learn about the following subjects: modern cyberthreats; tactics, techniques, and procedures used by attackers; searches for IoCs; and other topics linked to online incidents.

The course will be useful for Information Security specialists, especially digital forensic analysts interested in incident investigation.

Course details

Language: English

Duration: 2 days

Formats: Onsite or online

MODULES

  1. Modern cyber threats overview.
  2. Cyber Kill Chain overviews.
  3. Attacker's tactics, techniques and procedures.
  4. Search for indicators of compromise (IoCs).
  5. Extracting forensic artifacts for incident reconstruction.
  6. Incident response and investigation.

BEC201 RAM Investigations Course

This course will provide students with the tools needed to analyze artifacts contained within random access memory acquired from live Windows-based systems.

The Belkasoft X platform provides a comprehensive toolset for the examiner to locate artifacts from:

  • Running processes
  • Network connections and file shares
  • Internet browsers
  • Social media content

The Belkasoft Live RAM Capturer is used by many first responders and examiners worldwide for its ability to acquire volatile memory from 32-bit and 64-bit systems quickly and completely, including areas in RAM protected by actively running applications. Data that could be potentially recovered from these areas include chat communications and webmail artifacts.

During Instructor-led course activities, and exercises - participants will demonstrate the ability to efficiently analyze digital artifacts acquired from RAM while utilizing Belkasoft X.

Course details

Language: English

Duration: 3 days

Formats: Onsite or online

MODULES

  1. Introduction 1 Hour
  2. Understanding Volatile Data 2 Hours
  3. Acquiring RAM 2.5 Hours
  4. Analysis of Windows-based RAM Artifacts 2.5 Hours
  5. Parsing Link Files 2.5 Hours
  6. Analysis of Internet-based RAM Artifacts 2.5 Hours
  7. Belkasoft X Reporting 1 Hour

The Belkasoft X certification course design, objectives, practical exercises, and scenarios are written based on over fifteen years of field experience from working with LE officers and CCU examiners both international and domestic. The techniques taught in this course – while based on Belkasoft X functionality and workflow – have been curated from extensive research, testing, and use on live systems involved in actual cyber crimes investigated around the world where DSI examiners were actively involved as contracted analysts, instructors, and/or mentors.

BEC301 Mobile Device Investigations Course

As a proven industry leader, Belkasoft has remained at the forefront of innovation when forensically acquiring mobile device data, while safely bypassing security constraints using the latest techniques.

This course will provide students with the tools needed to perform forensic analysis of Apple iOS and Google Android mobile devices from within the Belkasoft X platform.

The Belkasoft X platform provides a comprehensive toolset for the examiner to locate artifacts from mobile devices including:

  • SMS/MMS
  • Call Logs
  • Pictures and Video
  • Internet-based data
  • Browser content
  • App data and SQLite databases

During Instructor-led course activities, and exercises - participants will demonstrate the ability to efficiently analyze digital artifacts acquired from mobile devices while utilizing Belkasoft X.

Course details

Language: English

Duration: 3 days

Formats: Onsite or online

MODULES

  1. Introduction 1 Hour
  2. Mobile Device Acquisitions 3 Hours
  3. Understanding Apple iOS Artifacts 2 Hours
  4. Understanding Google Android Artifacts 2 Hours
  5. Mobile Device Examinations 4 Hours
  6. Final Practical 3.5 Hours
  7. Belkasoft X Reporting 1 Hour

The Belkasoft X certification course design, objectives, practical exercises, and scenarios are written based on over fifteen years of field experience from working with LE officers and CCU examiners both international and domestic. The techniques taught in this course – while based on Belkasoft X functionality and workflow – have been curated from extensive research, testing, and use on live systems involved in actual cyber crimes investigated around the world where DSI examiners were actively involved as contracted analysts, instructors, and/or mentors.

BEC 302 Advanced Mobile Investigations

As a proven industry leader, Belkasoft has remained at the forefront of innovation when forensically acquiring mobile device data, while safely bypassing security constraints using the latest advanced techniques.

This course will provide you with the knowledge and preparation to use the Belkasoft X forensic software to conduct advanced acquisitions and complete an in-depth analysis of iOS and Android mobile device digital evidence to include:

iOS Advanced Acquisitions

  • Acquisition with lockdown file
  • Agent based Full File System acquisition
  • Jailbroken device acquisition
  • Checkm8 based device acquisition

iOS Advanced Analysis

  • Full File System Features – Data not included with an iTunes Backup
  • Keychain
  • System Artifacts – Knowledge C and Location Data
  • Third Party Apps – SQLite databases and Plist files

Android Advanced Acquisitions

  • Agent Backup acquisition
  • APK Downgrade acquisition
  • File System Copy acquisition
  • Physical acquisition

Android Advanced Analysis

  • Full File System Features – User profiles, Encryption, and Keystore
  • System Artifacts – Passwords, Account Information, and System Settings
  • Third Party Apps – SQLite databases and XML files

Course details

Language: English

Duration: 2 days

Formats: Onsite, online or on-demand

MODULES

  1. Introduction 1 Hour
  2. Advanced iOS Device Acquisitions 2 Hours
  3. Advanced iOS Analysis 3 Hours
  4. Advanced Android Device Acquisitions 2 Hours
  5. Advanced Android Analysis 3 Hours
  6. Final Practical 3 Hours

This course is meant for intermediate to advanced users. Although not required, BEC 301 should be completed prior to taking this course, or the participant should be proficient with the use of the BEC X forensic software.

The BEC 302 course design, objectives, practical exercises, and scenarios are written based on over twenty years of field experience from working with LE officers and CCU examiners both international and domestic. The techniques taught in this course – while based on Belkasoft X functionality and workflow – have been curated from extensive research, testing, and use on live mobile devices involved in actual cyber crimes investigated around the world where DSI examiners were actively involved as contracted analysts, instructors, and/or mentors.

BEC401 Cloud-based Investigations Course

BEC401 is designed to provide examiners training on the knowledge and skills required to:

  • Forensically acquire cloud storage data for analysis
  • Identify and analyze cloud-based artifacts from computers and mobile devices

Through lecture, instructor-led demonstrations, and practical exercises this course will prepare participants to identify, acquire, analyze and report on cloud artifacts utilizing the Belkasoft X platform. During course activities and exercises, participants will demonstrate the ability to perform forensically sound investigations and efficiently analyze digital artifacts pertaining to items of evidentiary value. Upon completion of this course, participants will be able to draft an effective report on findings detailing the analysis process followed to locate pertinent evidence.

Course details

Language: English

Duration: 2 days

Formats: Onsite or online

MODULES

  1. Introduction 1 Hour
  2. Overview of Cloud Technology 2 Hours
  3. Acquiring Cloud Storage 2 Hours
  4. Identifying Cloud-based Artifacts 2 Hours
  5. Advanced Analysis 2 Hours
  6. Final Practical 2 Hours
  7. Belkasoft X Reporting 1 Hour

The Belkasoft X certification course design, objectives, practical exercises, and scenarios are written based on over fifteen years of field experience from working with LE officers and CCU examiners both international and domestic. The techniques taught in this course – while based on Belkasoft X functionality and workflow – have been curated from extensive research, testing, and use on live systems involved in actual cyber crimes investigated around the world where DSI examiners were actively involved as contracted analysts, instructors, and/or mentors.

BEC501 Link Analysis and Analytics Course

BEC501 is designed to provide examiners training on the knowledge and skills required to identify pertinent connections across multiple data sources and separate case files.

Through lecture, instructor-led demonstrations, and practical exercises this course will prepare participants to use the Belkasoft X platform to perform link analysis and data analytics on network communications between multiple sources of digital evidence.

During course activities and exercises, participants will demonstrate the ability to perform forensically sound investigations and efficiently analyze digital artifacts pertaining to items of evidentiary value. Upon completion of this course, participants will be able to draft an effective report on findings detailing the analysis process followed to locate pertinent evidence.

Course details

Language: English

Duration: 2 days

Formats: Onsite or online

MODULES

  1. Introduction 1 Hour
  2. Overview of Link Analysis and Data Analytics 2 Hours
  3. Acquiring Cloud Storage 2 Hours
  4. Identifying Cloud-based Artifacts 2 Hours
  5. Advanced Analysis 2 Hours
  6. Final Practical 2 Hours
  7. Belkasoft X Reporting 1 Hour

The Belkasoft X certification course design, objectives, practical exercises, and scenarios are written based on over fifteen years of field experience from working with LE officers and CCU examiners both international and domestic. The techniques taught in this course – while based on Belkasoft X functionality and workflow – have been curated from extensive research, testing, and use on live systems involved in actual cyber crimes investigated around the world where DSI examiners were actively involved as contracted analysts, instructors, and/or mentors.

BEC601 Password-Breaking Techniques Course

BEC601 is designed to provide examiners training on how to bypass password-based security constraints utilized by computers and mobile devices.

Through lecture, instructor-led demonstrations, and practical exercises this course will prepare participants to use the Belkasoft X platform to perform password/passcode breaking and bypass procedures to gain access to protected digital evidence or encrypted data.

Course details

Language: English

Duration: 2 days

Formats: Onsite or online

MODULES

  1. Introduction 1 Hour
  2. Understanding Data Encryption 2 Hours
  3. Mobile Device Security Trends 2 Hours
  4. Password Breaking Techniques 2 Hours
  5. Passcode Bypass Techniques 2 Hours
  6. Final Practical 2 Hours
  7. Belkasoft X Reporting 1 Hour

The Belkasoft X certification course design, objectives, practical exercises, and scenarios are written based on over fifteen years of field experience from working with LE officers and CCU examiners both international and domestic. The techniques taught in this course – while based on Belkasoft X functionality and workflow – have been curated from extensive research, testing, and use on live systems involved in actual cyber crimes investigated around the world where DSI examiners were actively involved as contracted analysts, instructors, and/or mentors.

Training Schedule

Training name Location Duration Dates Price
BEC101 Belkasoft Certification Course Online 3 Days Dec 2023 4-6 1800 USD
BEC101 Belkasoft Certification Course Online 3 Days Feb 2024 5-7 1800 USD
BEC301 Belkasoft Mobile Fundamentals Online 3 Days Feb 2024 12-14 1800 USD
BEC101 Belkasoft Certification Course Palm City, Florida 3 Days Apr 2024 1-3 1950 USD
BEC301 Belkasoft Mobile Fundamentals Online 3 Days Apr 2024 8-10 1800 USD
BEC302 Belkasoft Mobile Advanced Online 2 Days May 2024 20-21 1200 USD
BEC101 Belkasoft Certification Course Online 3 Days Jul 2024 15-17 1800 USD
BEC301 Belkasoft Mobile Fundamentals Palm City, Florida 3 Days Aug 2024 19-21 1950 USD
BEC301 Belkasoft Mobile Fundamentals Online 3 Days Sep 2024 16-18 1800 USD
BEC302 Belkasoft Mobile Advanced Online 2 Days Sep 2024 19-20 1200 USD
BEC101 Belkasoft Certification Course Online 3 Days Oct 2024 21-23 1800 USD
BEC301 Belkasoft Mobile Fundamentals Palm City, Florida 3 Days Nov 2024 18-20 1950 USD
BEC302 Belkasoft Mobile Advanced Palm City, Florida 2 Days Nov 2024 21-22 1350 USD
BEC101 Belkasoft Certification Course Online 3 Days Dec 2024 9-11 1800 USD

Are you interested in Belkasoft training in other locations? Please contact us at sales@belkasoft.com and mention the city you would like us to have the training in.

Are you a reseller or a training company? Let us know if you'd like to license the training course from us.