KAPE Intensive Training and Certification Webcast December 2-10, 2020 Webcast

or to bookmark this page

Click here to bookmark this page

Click here to remove bookmark

The Cyber Risk practice of Kroll, a division of Duff & Phelps is excited to offer virtual sessions of the Kroll Artifact Parser and Extractor (KAPE) Intensive Training and Certification. The program will accelerate the learning curve of digital forensic and incident response (DFIR) professionals that need to do triage, collection and processing at lightning speed. Kroll instructors will demonstrate how to utilize KAPE and other powerful tools developed by Eric Zimmerman to collect and process relevant forensic artifacts within minutes, and participants will have the opportunity to take the KAPE proficiency exam to become certified.

Over 93% of participants in previous KAPE Intensive Training and Certification virtual sessions rated the instructors’ clarity and pace, as well as the practice labs “very” or “extremely” helpful. We’ve now expanded the program so it’s more convenient for DFIR professionals worldwide to become trained and certified in KAPE. 

Virtual sessions are limited to a maximum of 25 students to guarantee individual attention to every participant. Register early to secure your spot. 

Available Sessions



December 2, 2020

9:00 a.m. – 6:00 p.m. (GMT + 8)

Register now.


Paul Jackson

David Klopp

Rob Phillips



December 4, 2020

10:00 a.m. – 7:00 p.m. (EST)

Register now.

Eric Zimmerman

Sean Straw

Scott Zuberbuehler

December 10, 2020

8:00 a.m. - 5:00 p.m. (GMT)

Register now.

Paul Wells

James Thoburn

Guillermo Roman

Eric Semaan

About the Program

KAPE is changing the landscape of forensic investigations, as it enables processing of relevant forensic artifacts within minutes. Program participants will learn from Kroll instructors who have extensive experience using KAPE and will have the opportunity to take the KAPE proficiency exam.

For DFIR professionals looking to accelerate digital forensic collection, triage and analysis and attest their proficiency, this course will cover KAPE fundamentals such as:

  • Efficient ways to examine key forensic artifacts like $MFT, $J, Lnk files, Shell bags, Prefetch and others using EZ Tools
  • Understanding the applications of KAPE targets and modules
  • Instruction for how to build targets and modules catered to environments you face most often
  • Exploring the capabilities of KAPE’s graphical interface
  • Targeting specific options such as VSC’s, containers and SFTP
  • Taking advantage of KAPE’s clear command line structure
  • Running a hands-on investigation lab to produce actionable intelligence in 15 minutes or less

Following the training, participants will have the opportunity to take the KAPE proficiency exam. In order to receive certification, a student must achieve a minimum passing score of 80% within two attempts. 

Who Should Attend

  • Join the professionals in many fields who are already using KAPE, including:
  • Federal agents and law enforcement personnel 
  • Incident responders and digital forensic investigators 
  • Information security professionals
  • Incident response team members
  • Media exploitation analysts 
For additional questions or suggestions, please reach one of our KAPE experts at [email protected].
2020-12-02T04:00:00.0000000 2020-12-10T00:00:00.0000000 /-/media/kroll/images/events/2020/featured-images/kape-event-overview-page.jpg /en-ca/insights/events/2020/kape-intensive-training-certification event {09213578-A7CA-4DD8-AE97-7476022C89D6} {7EC13A8A-F86F-4AEB-8B10-1EE5D7371F2D} {E39587AD-8F0B-4FE2-865F-969BC5501096} {3A077BFC-C74A-40AF-A14C-13BCF6E3873E} {F7669293-38FA-4E53-9244-F89C953E8631} {3F9C86F0-701F-4E6D-9B8B-E6EA351C3C63} {2DEEE4D2-8278-4C50-B3FF-1563BB257804}

Contact Us


Kroll Responder

Mature your cyber security with unparalleled visibility and constant protection.

Kroll Responder

Cyber Risk

Global, end-to-end cyber risk solutions.

Cyber Risk

24x7 Incident Response

Compliant notifications, reputation-saving remediation, and litigation support.

24x7 Incident Response

Penetration Testing Services

Assess clients' info security through simulated attacks using real-world hacker techniques.

Penetration Testing Services



KAPE Quarterly Update – Q2 2021


UK Insolvency Restrictions – Hoping for the Best but Preparing for the Worst?


Cryptocurrency – Fools’ Gold?