KAPE Intensive Training and Certification

Contact us at [email protected] to book a private session.

About the Program

KAPE is changing the landscape of forensic investigations, as it enables processing of relevant forensic artifacts within minutes. Program participants will learn from Kroll instructors who have extensive experience using KAPE and will have the opportunity to take the KAPE proficiency exam.

For DFIR professionals looking to accelerate digital forensic collection, triage and analysis and attest their proficiency, this course will cover KAPE fundamentals such as:

• Efficient ways to examine key forensic artifacts like $MFT, $J, Lnk files, Shell bags, Prefetch and others using EZ Tools
• Understanding the applications of KAPE targets and modules
• Instruction for how to build targets and modules catered to environments you face most often
• Exploring the capabilities of KAPE’s graphical interface
• Targeting specific options such as VSC’s, containers and SFTP
• Taking advantage of KAPE’s clear command line structure
• Running a hands-on investigation lab to produce actionable intelligence in 15 minutes or less

Following the training, participants will have the opportunity to take the KAPE proficiency exam. In order to receive certification, a student must achieve a minimum passing score of 80% within two attempts.

Who Should Attend

Join the professionals in many fields who are already using KAPE, including:

• Federal agents and law enforcement personnel
• Incident responders and digital forensic investigators
• Information security professionals
• Incident response team members
• Media exploitation analysts
• U.S. DOD and intelligence community professionals

For additional questions or suggestions, please reach one of our KAPE experts at [email protected]