Attacks/Breaches
1/7/2014
11:33 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

SANS Investigative Forensic Toolkit (SIFT) Workstation Version 3.0 To Debut At DFIRCON

SIFT 3.0 is a group of free open-source forensic tools designed to perform detailed digital forensic examinations

BETHESDA, Md., Jan. 6, 2014 /PRNewswire-USNewswire/ -- SANS Institute today announced it will debut a new version of its popular digital forensic examination toolkit, SIFT Workstation, at the upcoming SANS Digital Forensics and Incident Response Training Event (DFIRCON -- pronounced d?-'f?r-'kän) in Monterey, CA, March 5 - 10. SIFT 3.0 is a complete rebuild of the previous SIFT version and features the latest digital forensic tools available today.

Offered free of charge, the SIFT 3.0 Workstation will debut during SANS'

Advanced Computer Forensic Analysis and Incident Response course (FOR508) at DFIRCON. SIFT 3.0 demonstrates that advanced investigations and responding to intrusions can be accomplished using cutting-edge open-source tools that are freely available and frequently updated.

"Even if SIFT were to cost tens of thousands of dollars, it would still be a very competitive product," says, Alan Paller, director of research at SANS. "At no cost, there is no reason it should not be part of the portfolio in every organization that has skilled forensics analysts."

Developed and continually updated by an international team of forensic experts, the SIFT is a group of free open-source forensic tools designed to perform detailed digital forensic examinations in a variety of settings. With over

100,000 downloads to date, the SIFT continues to be the most popular open-source forensic offering next to commercial source solutions.

"The SIFT Workstation has quickly become my "go to" tool when conducting an exam. The powerful open source forensic tools in the kit on top of the versatile and stable Linux operating system make for quick access to most everything I need to conduct a thorough analysis of a computer system," said Ken Pryor, GCFA Robinson, IL Police Department.

Key new features of SIFT 3.0 include:

-- Ubuntu LTS 12.04 Base

-- 64 bit base system

-- Better memory utilization

-- Auto-DFIR package update and customizations

-- Latest forensic tools and techniques

-- VMware Appliance

-- Ready to tackle forensics

-- Cross compatibility between Linux and Windows

-- Option to install stand-alone via (.iso) or use via VMware

Player/Workstation

About DFIRCON

This unique Digital Forensics and Incident Response (DFIR) event brings SANS'

most popular forensics courses, instructors, and bonus seminars together in one place. It is one of the industry's most comprehensive DFIR training experiences.

DFIRCON will be held in in Monterey, CA, March 5 - 10, 2014. For more information, including panel and discussion overviews, a complete list of instructors, or to register for the event or one of the courses offered via simulcast, please visit: http://www.sans.org/info/147850

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest source for world-class information security training and security certification in the world, offering over 50 training courses each year. GIAC, an affiliate of the SANS Institute, is a certification body featuring over 27 hands-on, technical certifications in information security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet's early warning system--the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community.

(www.SANS.org)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-7241
Published: 2014-12-19
The TSUTAYA application 5.3 and earlier for Android allows remote attackers to execute arbitrary Java methods via a crafted HTML document.

CVE-2014-7249
Published: 2014-12-19
Buffer overflow on the Allied Telesis AR440S, AR441S, AR442S, AR745, AR750S, AR750S-DP, AT-8624POE, AT-8624T/2M, AT-8648T/2SP, AT-8748XL, AT-8848, AT-9816GB, AT-9924T, AT-9924Ts, CentreCOM AR415S, CentreCOM AR450S, CentreCOM AR550S, CentreCOM AR570S, CentreCOM 8700SL, CentreCOM 8948XL, CentreCOM 992...

CVE-2014-7267
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the output-page generator in the Ricksoft WBS Gantt-Chart add-on 7.8.1 and earlier for JIRA allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-7268.

CVE-2014-7268
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the data-export feature in the Ricksoft WBS Gantt-Chart add-on 7.8.1 and earlier for JIRA allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-7267.

CVE-2014-8272
Published: 2014-12-19
The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.