All Courses

Kaspersky Academy

Windows Incident Response

  • Length

    Access 6 months

  • Result

    PDF document of completion signed by the course leader(s)

  • For whom

    Infosec professionals, Enterprises

Are you looking to improve the expertise of your in-house digital forensics and incident response team? Or do you want to train yourself in the area of incident response to identify the complex attacks? This Kaspersky Windows Incident Response course brings you concentrated knowledge from the company’s Global Emergency Response Team (GERT) experts.

The course’s curriculum is heavily focused on practicing. Our experts will take you through all the stages of responding to an incident based on a real-life ransomware case.

You will master incident detection, evidence acquisition, log file analysis, network analysis and creation of IoCs, and also get introduced to memory forensics. You will be working in a simulated virtual environment with all the necessary tools to practice IR. Your coaches Ayman Shaaban and Kai Schuricht have handled security incidents for Kaspersky incident response customers around the globe. You will get not only super-clear theoretical knowledge but also tap into their up-to-date experience, skills and tips.


Kaspersky report shows malware can survive in a company’s digital environment for months and even years under the radar. After completing the course you will be able to verify and handle threats quicker in order to minimize the impact and contain the damage.

For Whom

  • Incident Response

    Incident response professionals.

  • InfoSec professionals

    For cybersecurity professionals who would like to upgrade technical analysis skills in the incident response domain.

  • Enterprises

    For incident response and digital forensics teams, who are continuously enhancing their practical skills in incident remediation.

Our Experts

Ayman Shaaban

Ayman Shaaban

Digital Forensic and Incident Response Manager

Ayman joined Kaspersky in 2014 as a security researcher and member of GERT. Currently, Ayman works as DFIR manager in GERT.
Kai Schuricht

Kai Schuricht

Senior Incident Response Specialist

Kai started his career in the information security domain in 2010 as a security consultant and joined GERT in 2016 as an incident response specialist.

Education Programm

  • Gain new skills through a practical challenge in virtual environment

  • Understand the phases of incident response

  • Know how to identify and respond to a cyber incident

  • Understand various attack techniques and targeted attack anatomy through the Cyber Kill Chain

  • Differentiate APTs from other threats

  • Apply live analysis on victim machines

  • Acquire evidence in a forensically sound environment

  • Upgrade your memory forensics skills

  • Apply log file analysis with regular expressions and ELK

  • Enhance cyber threat intelligence knowledge

  • Be able to create better network and host-based IoCs (Indicators of Compromise)

  • Test your network traffic forensics skills

You can also get acquainted with a more detailed course program

Course results

  • Certificate

Training Request

I want to train myself I want to train employees